What is MTA-STS?

Mail Transfer Agent Strict Transport Security (MTA-STS) is a standard that enables the encryption of messages sent between two mail servers. It tells sending servers that emails may only be delivered over a Transport Layer Security (TLS) encrypted connection, which prevents emails from being intercepted by cybercriminals.

Why do you need MTA-STS?

The Simple Mail Transfer Protocol (SMTP) alone does not provide security, making it vulnerable to malicious attacks such as man-in-the-middle attacks. A man-in-the-middle attack is one where communication between two servers is intercepted and possibly changed without detection by the recipient.

In addition, encryption is optional in SMTP, which means that emails can be sent in plaintext. If a plaintext email were intercepted in transit, it could easily be read and manipulated. Without MTA-STS, an attacker can intercept the communication and force the sending service to send the message in plaintext. With MTA-STS enabled, a TLS connection is required, which ensures encryption and keeps your emails private.


Once you have added OnDMARC's Smart Records to your DNS, there's no need to go back to it to update your records as they can now be managed via the MTA-STS interface instead, saving you time and preventing manual configuration errors.

Forget deployment complexities - we do all the hard work for you, such as hosting the MTA-STS policy file, maintaining the SSL certificate, and flagging any policy violation through the TLS report.

OnDMARC's TLS Reports provide granular insight into a specific domain's success or failure, such as a missing or expired certificate. This tells you exactly what needs fixing in order for you to progress to MTA-STS enforce mode.
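
To show what the policy file and its enforce mode mean to a sending server, here is an added example (not OnDMARC's code) that validates a policy in the RFC 8461 format and decides what happens when a receiving host fails the TLS check. The sample policy, host names and function names are constructed for illustration.

```python
# Added example, not vendor code. Policy text and host names are constructed.
SAMPLE_POLICY = """\
version: STSv1
mode: enforce
mx: mail.example.com
mx: *.mx.example.com
max_age: 604800
"""

def parse_policy(text):
    """Parse and validate policy text; mx may repeat, other keys may not."""
    policy = {"mx": []}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed line: {line!r}")
        key, value = key.strip(), value.strip()
        if key == "mx":
            policy["mx"].append(value.lower())
        else:
            policy.setdefault(key, value)  # a repeated key keeps its first value
    if policy.get("version") != "STSv1":
        raise ValueError("version must be STSv1")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("mode must be enforce, testing or none")
    age = policy.get("max_age", "")
    if not age.isdigit() or int(age) > 31557600:
        raise ValueError("max_age must be an integer of at most 31557600 seconds")
    policy["max_age"] = int(age)
    if policy["mode"] != "none" and not policy["mx"]:
        raise ValueError("enforce and testing policies need an mx entry")
    return policy

def mx_allowed(host, patterns):
    """True if host matches a pattern; '*.' covers exactly one left-most label."""
    host = host.lower().rstrip(".")
    parent = host.partition(".")[2]
    return any((parent != "" and parent == p[2:]) if p.startswith("*.") else host == p
               for p in patterns)

def delivery_decision(policy, mx_host, tls_valid):
    """tls_valid: STARTTLS was offered and the certificate validated for mx_host."""
    if policy["mode"] == "none" or (tls_valid and mx_allowed(mx_host, policy["mx"])):
        return "deliver"
    if policy["mode"] == "testing":
        return "deliver-and-report"  # mail still flows; the failure shows up in TLS reports
    return "refuse"  # enforce: no fallback to plaintext or an unlisted host
```

In testing mode a failing host still receives mail, which is why the TLS reports need to be clean before switching the policy to enforce.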

Together, DMARC and MTA-STS provide solid business email protection by blocking exact domain impersonation and man-in-the-middle attacks, two of the greatest challenges that businesses need to protect their emails from.