Top 1 Million Domains with MTA-STS Errors

The following domains have an MTA-STS TXT record in place but face one or more issues with their MTA-STS setup. This finding emerges from a test conducted by URIports on the top 1 million domains. A detailed analysis and the results of this investigation into MTA-STS adoption as of 2024 can be found in our dedicated blog post.

MTA-STS ready?

To ascertain if a domain has an MTA-STS policy or is prepared to implement one, utilize our free online tool. This resource is not just limited to verifying the presence of an MTA-STS policy; it also evaluates the existing email configuration to confirm that all MX servers are TLS-enabled and have valid certificates. If a domain successfully passes these checks, it signifies readiness to adopt MTA-STS to protect against Man-in-the-Middle (MitM) downgrade attacks.

Result Summary

We've conducted tests on 1M domains, and out of these, ... (...%) domains implemented an MTA-STS TXT record. ... (...%) of these domains have implementation errors (see complete list below). Among the valid MTA-STS implementations, ...% publish an 'enforce' policy, while ...% have opted for a 'testing' policy. In summary, ... domains are leveraging MTA-STS to fortify their defenses against Man-in-the-Middle (MitM) downgrade attacks.

Domains with MTA-STS issues

Updated monthly. Last updated: ... (UTC)