MTA-STS validator

Background

MTA-STS is a new standard (still in development) that makes it possible to send downgrade-resistant email over SMTP. In that sense, it is like an alternative to DANE. It does this by piggybacking on the browser Certificate Authority model.

Note: this validator is based on the current draft specification as of june 28, 2018. Some parts might change before the final publication. To see which changes haven't been included in this validator yet, see this diff. The currently implemented specification is MTA-STS draft 21 and SMTP-TLSRPT draft 23.

To enable Strict Transport Security on your mailserver configure the following things:

Created by: (source code). If you encounter any errors, you can create a bug report or alternatively send me a personal message.

Summary

Loading...

Details

MTA-STS TXT record

SMTP-TLSRPT TXT record

Policy file

Certificate check

DANE [experimental]