What is TLS-RPT?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
Imagine a silent partner watching every time someone tries to send you an email. TLS-RPT is exactly that for your domain's mail server. It's a reporting standard (defined in RFC 8460) that tells other mail servers "here's where to send me a report if you have trouble connecting securely."
When a sending mail server can't establish a secure TLS connection to you.maybe your certificate expired, or STARTTLS negotiation failed.it sends a daily JSON report to the address you specify. That's it. You get visibility into TLS failures before they tank your deliverability.
TLS-RPT works alongside MTA-STS policies that enforce encryption. While MTA-STS says "you must use TLS," TLS-RPT lets you know when that requirement causes problems. Think of TLS-RPT as your early warning system for certificate and STARTTLS headaches.
Next step: Learn how to set up TLS-RPT on your domain and start collecting reports.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.