Back to Top
Gmail and Yahoo require DMARC. Make sure you're compliant. Learn More.

Managed MTA-STS 
and TLS Reporting

Automate MTA-STS setup, breeze through policy enforcement, and analyze TLS reports via human-readable charts.

Get Started
MSP Header

MTA-STS Configuration in 1-2-3

Go through an initial MTA-STS setup and start receiving your TLS reports. Our system will ask you to add CNAME records to get going. This one-time configuration will automatically apply any changes you make in our system in your DNS.

Once done with the setup, wait for the DNS changes to take effect and start receiving your TLS reports.

MSP Revenue

Rely On Human-Readable TLS Reports

Raw TLS reports in JSON format can be challenging to work with. EasyDMARC’s smart cloud platform turns technical files into simple, human-friendly charts. Get a bird’s eye view into your infrastructure, eliminate guesswork, and elevate your decision-making.

After the setup, your TLS reports will come straight to our system. However, you can also upload JSON files manually. Either way, we’ll parse your data into a visually appealing, information-packed dashboard. From here, taking action is a matter of a few clicks.

Start Free Trial
Education Ebook

No Expert Knowledge Necessary

We remove the friction of reading JSON reports, fiddling with technical settings in your DNS, and risking misconfiguration. You don’t need to be an email security guru to achieve results on our platform.

Benefits of Managed MTA-STS and TLS Reporting

Benefits of Managed MTA-STS and TLS Reporting

  • One-time technical setup
  • Streamlined workflow
  • Time-saving and low effort
  • Efficient deployment
  • Maintenance and control

Frequently Asked Questions

What Is MTA-STS, and How Does It Enhance Email Security?

Mail Transfer Agent Strict Transport Security (MTA-STS) is an email security protocol that ensures encryption for all emails sent to your domain. MTA-STS setup includes publishing a policy file on your website, which informs senders about:

  • the domain name of your email server,
  • the required Transport Layer Security (TLS) version,
  • whether or not you allow downgrades.

The sending server checks if the email is being sent over a secure connection. If it’s not secure, the sending server won’t deliver the email.

MTA-STS boosts email security by

How Do I Configure My Email Servers To Support MTA-STS?
  1. Create an MTA-STS policy file. This is a text document containing:
    • your email server’s domain name
    • the required TLS version
    • whether or not you allow downgrades
    • the maximum age of the policy file

    You can create the policy file manually, but using a tool eliminates possible errors.

  2. Publish the policy file on your website. The website must be protected using HTTPS. Upload the file to your domain's web server or content delivery network (CDN).
  3. Configure your email servers to enforce MTA-STS. Configuring your email servers to enforce MTA-STS largely depends on what software you use, as each has specific rules. Once done, start testing the configuration to ensure it works properly.
What Is TLS Encryption, and Why Is It Essential for Secure Email Communication?

The TLS protocol encrypts, authenticates, and verifies the integrity of the data you send and receive online. It combines symmetric-key encryption, asymmetric-key encryption, digital certificates, and hashing techniques.

TLS uses Encryption, Authentication, and Integrity to protect sensitive information in transit. It guards against threats like eavesdropping, man-in-the-middle attacks, replay attacks, and spoofing. TLS secures web browsing, email, messaging, and voice-over-IP (VoIP) communications.

What Level of Technical Expertise Is Required To Set Up and Manage MTA-STS and TLS Reporting With EasyDMARC?

No expert knowledge is required to set up and manage MTA-STS and TLS reporting with EasyDMARC. Due to our user-friendly and intuitive platform, you can configure and manage email security protocols even if you don’t have an IT department.

Our dashboard provides detailed guides on how to complete the setup and start using your features. Completing the configuration only takes a few minutes.

How Do I Start Receiving TLS Reports?

The feature activates with EasyDMARC’s Premium tier. Once you log into the system, the platform greets you with a step-by-step setup guide. Add the provided CNAME records to your domain’s DNS zone and follow the other steps to complete the setup.

Changes to DNS take up to 24 hours, but once they’re through, you’ll start receiving the TLS reports.

How to Read TLS Reports on EasyDAMRC Dashboard?

EasyDMARC’s TLS Reports provide detailed information on every transit session between sending and receiving servers. Here’s what information you can monitor and act on with our reports:

  • Successful and failed sessions count
  • Reporter name with the detailed view of the JSON report file
  • Receiving and sending IP addresses
  • Receiving MX record
  • Policy mode and result type

Even if you haven’t received the reports via EasyDMARC, you can upload the JSON file and receive a detailed readable overview.

Are There Privacy Concerns With TLS Reporting?

EasyDMARC is devoted to the privacy of our clients. We use advanced security mechanisms to protect your report data.

Make Your DMARC Journey Simple With EasyDMARC