MTA-STS Checker
Check if your domain has MTA-STS (Mail Transfer Agent Strict Transport Security) and TLS-RPT configured. These protocols prevent email interception by enforcing TLS encryption during delivery.
What is MTA-STS?
MTA-STS (Mail Transfer Agent Strict Transport Security) tells sending mail servers that your domain requires TLS encryption for email delivery. Without it, a man-in-the-middle attacker can downgrade the connection to plaintext and read emails in transit.
How it works
MTA-STS has two components: a DNS TXT record at _mta-sts.yourdomain.com and a policy file hosted at https://mta-sts.yourdomain.com/.well-known/mta-sts.txt. The policy file specifies the mode (testing or enforce), authorized MX servers, and max age.
TLS-RPT (TLS Reporting)
TLS-RPT is a companion protocol that sends you reports when TLS connection failures occur. Add a TXT record at _smtp._tls.yourdomain.com to receive daily reports about TLS negotiation problems.