Stop man-in-the-middle attacks

Prevent email tampering and secure your inbound emails with OnDMARC's MTA-STS feature.

What is MTA-STS

What is MTA-STS?

Mail Transfer Agent Strict Transport Security (MTA-STS) is a standard that enables the encryption of messages being sent between two mail servers. It specifies to sending servers that emails can only be sent over a Transport Layer Security (TLS) encrypted connection which prevents emails from being intercepted by cybercriminals.

Intercepted email MTA-STS

Why do you need MTA-STS?

The Simple Mail Transfer Protocol (SMTP) alone does not provide security, making it vulnerable to malicious attacks such as man-in-the-middle attacks. A man-in-the-middle is an attack where communication between two servers is intercepted and possibly changed without detection by the recipient. 

In addition, encryption is optional in SMTP, which means that emails can be sent in plaintext. If a plaintext email was intercepted in transit, it could easily be read and manipulated. Without MTA-STS, an attacker can intercept the communication and force the sending service to send the message in plain text. By enabling MTA-STS, a TLS connection is required which ensures encryption and keeps your emails private.


Avoid configuration errors

Put an end to configuration errors

Once you have added OnDMARC's Smart Records to your DNS, there's no need to go back to it to update your records as they can now be managed via the MTA-STS interface instead, saving you time and preventing manual configuration errors.

It's managed by experts

Avoid complicated deployments

Forget deployment complexities - we do all the hard work for you such as hosting the MTA-STS policy file and maintaining the SSL certificate and flagging any policy violation through the TLS report.

Easy to digest reports

Benefit from easy to understand reports

OnDMARC's TLS Reports provide granular insight into a specific domain's success or failure, such as a missing or expired certificate. This tells you exactly what needs fixing in order for you to progress to an MTA-STS enforce mode.

Total privacy

Take advantage of robust email security

Together, DMARC and MTA-STS provide solid business email protection by blocking exact domain impersonation and man-in-the-middle attacks, two of the greatest challenges that businesses need to protect their emails from.