Increase email security with MTA-STS and TLS reporting

3. Publish your MTA-STS policy

Increase email security with authentication and encryption

After creating your policy, upload the file to a public web server where remote servers can access it.

Host server requirements

The web server that hosts your policy must meet these requirements:

  • Supports SSL/HTTPS.
  • Server certificate is signed and trusted by a third-party root certificate authority.

Policy changes

Every time you change the contents of the policy file, you must:

You must also take these steps when changing a policy from testing mode to enforced mode.

Add policy to a web server in your domain

  1. Verify that your domain is set up with a public web server.
  2. Add a subdomain to your domain. The subdomain name must start with mta-sts, for example:
    mta-sts.solarmora.com
  3. Create a directory named .well-known in the subdomain.
  4. Upload the policy file you created to the .well-known directory.

    An example URL for an MTA-STA policy is:
    https://mta-sts.solarmora.com/.well-known/mta-sts.txt

Next Steps

Turn on MTA-STS and TLS reporting

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members
Contact us Tell us more and we’ll help you get there
true
Start your free 14-day trial today

Professional email, online storage, shared calendars, video meetings and more. Start your free Google Workspace trial today.

Search
Clear search
Close search
Google apps
Main menu
15548176065096160264
true
Search Help Center
true
true
true
true
true
73010
false
false