MTA-STS
Also known as: Mail Transfer Agent Strict Transport Security
MTA-STS is a security standard that allows a domain to force authentication and encryption for inbound emails.
MTA-STS (Mail Transfer Agent Strict Transport Security) is a modern protocol that improves email security. It allows a domain owner to declare that all emails sent to them must be encrypted via TLS (Transport Layer Security) and that the sending server must authenticate itself.
Before MTA-STS, email encryption was opportunistic—if a connection failed or was intercepted, the email might downgrade to plain text, making it vulnerable to "Man-in-the-Middle" attacks. MTA-STS prevents this by telling senders, "If you can't send this securely, don't send it at all."
It works alongside SMTP TLS Reporting (TLS-RPT), which gives domain owners reports on who is sending them unencrypted mail.
Related Terms
Authentication
The process of proving to inbox providers that your emails really come from your domain. It helps stop spoofing and keeps more of your messages out of spam.
Learn more →Domain Reputation
How trusted your sending domain is by email providers like Gmail and Outlook. A strong domain reputation keeps your emails in the inbox instead of spam.
Learn more →Authenticated Received Chain (ARC)(ARC)
Authenticated Received Chain (ARC) is an email standard that keeps your authentication results when a message is forwarded or passes through mailing lists. It lets receiving servers see that earlier checks passed even if SPF or DKIM now look broken.
Learn more →Catch-All(Accept-all)
A catch-all is a server configuration that accepts emails sent to any address at a domain, even if the specific mailbox doesn't exist.
Learn more →