SMTP TLSRPT defines a mechanism for domains that send emails and that are compatible with MTA-STS or DANE to share success and failure statistics with recipient domains. SMTP MTA Strict Transport Security (MTA-STS) allows domains to declare their ability to receive Transport Layer Security (TLS) secure SMTP connections and potentially require them for message delivery, and DNS-Based Authentication of Named Entities (DANE) uses TLSA DNS records to associate a TLS server certificate with the domain name. The SMTP TLS Reporting policy for must be published in DNS TXT records for

Example SMTP TLSRPT DNS record for the domain


The domain has no SMTP TLSRPT record because no mail is sent from this domain, which is indicated with Null MX record, empty SPF with -all and DMARC record with reject policy. My site has a SMTP TLSRPT record similar to the example one above.

Example SMTP TLSRPT report

This is an aggregated report for sent by Google:

  "organization-name": "Google Inc.",
  "date-range": {
    "start-datetime": "2020-05-22T00:00:00Z",
    "end-datetime": "2020-05-22T23:59:59Z"
  "contact-info": "",
  "report-id": "",
  "policies": [
      "policy": {
        "policy-type": "sts",
        "policy-string": [
          "version: STSv1",
          "mode: testing",
          "max_age: 86400"
        "policy-domain": ""
      "summary": {
        "total-successful-session-count": 7,
        "total-failure-session-count": 0

Related specs & documents