Ĭaching the policy protects against any unreliability of the MTA-STS policy hosting infrastructure or DNS. If the sending mail service does not have a cached policy for this domain, or the current ID is newer, the service will automatically download the policy from. The record says if there is an MTA-STS policy and shows the current ID number. The sending email service will check the Domain Name System (DNS) record of the receiving email service for an MTA-STS policy at _. Maximum amount of time the sending service should cache the policy Mode - this can be ‘enforce’, ‘testing’ or ‘none’ Understanding how MTA-STS worksĪn MTA-STS policy is a text file published to the internet which contains important details about the protocol. The sender of the email has to support MTA-STS on outbound email for the protocol to work. If the sending email service does not support MTA-STS or TLS, the email could still be delivered unencrypted.Īs an email administrator, you do not need your provider to support MTA-STS to protect emails sent to your organisation. This protocol makes email less vulnerable to middleperson attacks and allows the receiving email service to enforce encryption, without the risk of delivery failing. Mail Transfer Agent Strict Transport Security (MTA-STS) is a protocol which tells services that are sending your organisation email that your domain supports Transport Layer Security (TLS) 1.2 or higher.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |