MTA-STS Checker

What is MTA-STS?

MTA-STS (Mail Transfer Agent Strict Transport Security) is an email security standard that lets domains declare support for TLS-encrypted delivery and specify whether sending servers should refuse to deliver email if a secure connection cannot be established.

MTA-STS has three components: a DNS TXT record at _mta-sts.yourdomain.com that signals support, a policy file served over HTTPS at https://mta-sts.yourdomain.com/.well-known/mta-sts.txt, and optionally a TLS-RPT record for aggregate failure reports.

This tool checks the DNS TXT record (id= field), fetches and parses the policy file (mode, max_age, mx entries), and cross-checks whether all DNS MX hosts match the policy's mx patterns.