Den side, du har anmodet om, er ikke tilgængelig på dit sprog i øjeblikket. Du kan vælge et andet sprog nederst på siden eller få en øjeblikkelig oversætte af en hvilken som helst webside til et valgfrit sprog ved hjælp af Google Chromes indbyggede oversættelsesfunktion.

Increase email security with MTA-STS and TLS reporting

About MTA-STS and TLS reporting

Increase Gmail security by turning on MTA Strict Transport Security (MTA-STS) for your domain. MTA-STS improves Gmail security by requiring authentication checks and encryption for email sent to your domain. Use Transport Layer Security (TLS) reporting to get information about external server connections to your domain.

Like all mail providers, Gmail uses Simple Mail Transfer Protocol (SMTP) to send and receive messages. SMTP alone does not provide security, and many SMTP servers don’t have added security to prevent malicious attacks.

For example, SMTP is vulnerable to man-in-the-middle attacks. Man-in-the-middle is an attack where communication between two servers is intercepted and possibly changed without detection. Using MTA-STS to secure mail server connections helps prevent these types of attacks.

Learn more about MTA-STS (RFC 8461) and TLS Reporting (RFC 8460).

Google recommends you set up additional email authentication methods for your account, including DKIM, SPF, and DMARC. Learn more about recommended email authentication methods

MTA-STS email security

SMTP connections for email are more secure when the sending server supports MTA-STS and the receiving server has an MTA-STS policy in enforced mode.

Receiving mail: When you turn on MTA-STS for your domain, you request external mail servers to send messages to your domain only when the SMTP connection is both:

  • Authenticated with a valid public certificate
  • Encrypted with TLS 1.2 or higher

Mail servers that support MTA-STS will send messages to your domain only over connections that have both authentication and encryption.

Sending mail: Gmail messages from your domain comply with MTA-STS when sent to external servers with an MTA-STS policy in enforced mode.

TLS reporting

When you turn on TLS reporting, you request daily reports from external mail servers that connect to your domain. The reports have information about any connection problems the external servers find when sending mail to your domain. Use report data to identify and fix security issues with your mail server.

Steps to set up MTA-STS and TLS reporting

  1. Check the MTA-STS configuration for your domain.
  2. Create an MTA-STS policy.
  3. Publish the MTA-STS policy.
  4. Add DNS TXT records to turn on MTA-STS and TLS reporting.

Get started now

Learn more about MTA-STS and TLS reports

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members
Contact us Tell us more and we’ll help you get there
true
Start your free 14-day trial today

Professional email, online storage, shared calendars, video meetings and more. Start your free Google Workspace trial today.

Search
Clear search
Close search
Main menu
17267375572156469784
true
Search Help Center
false
true
true
true
true
true
73010
false
false
false
false