MTA-STS Reporting Services : https://dmarcvendors.com/#DMARC_Analytics
365
https://mta-sts.microsoft.com/.well-known/mta-sts.txt
version: STSv1
mode: enforce
mx: *.f-v1.mx.microsoft
mx: *.mail.protection.outlook.com
max_age: 604800
In Gmail you can get these values from Google Workspace admin : https://admin.google.com/ac/apps/cs/diagnostic
Host the following file mta-sts.txt via Cloudflare or GitHub Pages:
https://mta-sts.pariswells.com/.well-known/mta-sts.txt
I used GitHub: https://github.com/pariswells/mta-sts/tree/main
DNS
The id tag contains an alphanumeric string up to 32 characters long, used to track policy (see below) updates; it must uniquely identify a given instance of a policy, so that senders can determine when the policy has been updated by comparing it to the id of a previously seen policy.
_mta-sts.domain.com -> v=STSv1;id=1746508693955;
_smtp._tls.domain.com -> v=TLSRPTv1;rua=mailto:[email protected];
Gmail
Suggested Configuration:
v=STSv1;id=1746508693955;
MTA-STS Policy Diagnostic:
Not Configured
Suggested Configuration:
version: STSv1
mode: testing
mx: aspmx.l.google.com
mx: aspmx2.googlemail.com
mx: aspmx3.googlemail.com
mx: alt1.aspmx.l.google.com
mx: alt2.aspmx.l.google.com
max_age: 604800
Reporting Policy Diagnostic:
Not Configured
Suggested Configuration:
v=TLSRPTv1;rua=mailto:[email protected];
- mode can be enforce, testing, or none:
- enforce mode: the sending server must not deliver the message to a receiving host that fails MX matching or certificate validation or that does not support STARTTLS;
- testing mode: the sending server delivers the message; if TLS reporting is implemented, the sending server also sends a TLS report to the specified email addresses indicating policy application failure, when the receiving host fails MX matching or certificate validation or does not support STARTTLS;
- none mode: the sending server treats the policy domain as though it does not have any active policy.
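An added example (not from the original post, Google or Microsoft): a small standard-library Python checker that validates the `_mta-sts` TXT value and the `mta-sts.txt` body described above, and applies the single-label wildcard rule for `mx:` lines from RFC 8461. The function names are hypothetical; the sample policy is the Microsoft 365 one quoted at the top of this page.

```python
import re

VALID_MODES = {"enforce", "testing", "none"}
# Sample input: the Microsoft 365 policy body quoted on this page.
SAMPLE_POLICY = (
    "version: STSv1\nmode: enforce\nmx: *.f-v1.mx.microsoft\n"
    "mx: *.mail.protection.outlook.com\nmax_age: 604800\n")

def parse_txt_record(txt):
    """Parse a _mta-sts TXT value such as 'v=STSv1;id=...;' into a dict."""
    fields = dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)
    if fields.get("v") != "STSv1":
        raise ValueError("TXT record must carry v=STSv1")
    if not re.fullmatch(r"[A-Za-z0-9]{1,32}", fields.get("id", "")):
        raise ValueError("id must be 1-32 alphanumeric characters")
    return fields

def parse_policy(text):
    """Parse the body of mta-sts.txt into version, mode, max_age and mx list."""
    policy = {"mx": []}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (s.strip() for s in line.split(":", 1))
        if key == "mx":
            policy["mx"].append(value.lower())
        else:
            policy[key] = value
    if policy.get("version") != "STSv1":
        raise ValueError("version must be STSv1")
    if policy.get("mode") not in VALID_MODES:
        raise ValueError("mode must be enforce, testing or none")
    if not policy.get("max_age", "").isdigit():
        raise ValueError("max_age must be a non-negative integer (seconds)")
    return policy

def mx_matches(host, pattern):
    """A '*.' pattern matches exactly one left-most label, never zero or two."""
    host, pattern = host.lower().rstrip("."), pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        label, _, rest = host.partition(".")
        return bool(label) and rest == pattern[2:]
    return host == pattern

def unmatched_mx(policy, mx_hosts):
    """Return the MX hosts that no mx line of the policy covers."""
    return [h for h in mx_hosts if not any(mx_matches(h, p) for p in policy["mx"])]
```

Run `unmatched_mx` against the domain's real MX hosts before switching `mode` from testing to enforce: any host it returns would be refused by senders that honour the policy.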