Security News > 2021 > January > Enhancing Email Security with MTA-STS and SMTP TLS Reporting
Mail Transfer Agent-Strict Transport Security (MTA-STS) is a relatively new standard that gives mail service providers the ability to enforce Transport Layer Security to secure SMTP connections and to specify whether sending SMTP servers should refuse to deliver emails to MX hosts that do not offer TLS with a reliable server certificate.
SMTP TLS Reporting (TLS-RPT) is a standard that enables the reporting of TLS connectivity issues experienced by applications that send emails, and the detection of misconfigurations.
It enables the reporting of email delivery issues that take place when an email isn't encrypted with TLS. In September 2018, the standard was first documented in RFC 8460.
The primary goal is to improve transport-level security during SMTP communication, ensuring the privacy of email traffic.
A MITM attacker can easily exploit this feature by performing an SMTP downgrade attack: by tampering with the upgrade command, replacing or deleting it, the attacker forces the client to fall back to sending the email in plaintext.
Troubleshooting Issues in Email Delivery with TLS-RPT
SMTP TLS Reporting provides domain owners with diagnostic reports containing elaborate details on emails that are addressed to your domain and are facing delivery issues, or couldn't be delivered due to a downgrade attack or other issues, so that you can fix the problem proactively.
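To show what such a diagnostic report looks like in practice, here is an added example (not code from the original article) that triages a report in the JSON format defined by RFC 8460. The sample report, the `triage` function and the grouping of result types into classes are assumptions made for illustration.

```python
import json
from collections import Counter

# Result types from RFC 8460; grouping them this way is this example's choice.
DOWNGRADE_HINTS = {"starttls-not-supported"}
CERT_PROBLEMS = {"certificate-host-mismatch", "certificate-expired",
                 "certificate-not-trusted"}

# Constructed sample report: field names follow RFC 8460, all values are made up.
SAMPLE_REPORT = json.dumps({
    "report-id": "constructed-0001",
    "policies": [{
        "policy": {"policy-type": "sts", "policy-domain": "example.com"},
        "summary": {"total-successful-session-count": 980, "total-failure-session-count": 20},
        "failure-details": [
            {"result-type": "starttls-not-supported", "sending-mta-ip": "192.0.2.10",
             "receiving-mx-hostname": "mx1.example.com", "failed-session-count": 15},
            {"result-type": "certificate-expired", "sending-mta-ip": "192.0.2.10",
             "receiving-mx-hostname": "mx2.example.com", "failed-session-count": 5},
        ],
    }],
})

def triage(report_json):
    """Summarise each policy in a TLS-RPT report: failure rate and failure classes."""
    findings = []
    for entry in json.loads(report_json).get("policies", []):
        summary = entry.get("summary", {})
        ok = summary.get("total-successful-session-count", 0)
        failed = summary.get("total-failure-session-count", 0)
        classes, suspect_mx = Counter(), set()
        for detail in entry.get("failure-details", []):
            rtype = detail.get("result-type", "unknown")
            count = detail.get("failed-session-count", 0)
            if rtype in DOWNGRADE_HINTS:
                # Missing STARTTLS: a stripped upgrade command or a misconfigured MX.
                classes["possible-downgrade"] += count
                suspect_mx.add(detail.get("receiving-mx-hostname", "unknown"))
            elif rtype in CERT_PROBLEMS:
                classes["certificate"] += count
            else:
                classes["other"] += count
        total = ok + failed
        findings.append({"domain": entry.get("policy", {}).get("policy-domain", "unknown"),
                         "failure_rate": failed / total if total else 0.0,
                         "classes": dict(classes), "suspect_mx": sorted(suspect_mx)})
    return findings

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_REPORT), indent=2))
```

A `starttls-not-supported` count against an MX host that is known to offer STARTTLS is the signal worth investigating first; certificate failures usually point to a renewal or hostname problem on the receiving side.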