What is RFC 8460 (TLS Reporting)?

RFC 8460 defines SMTP TLS Reporting, enabling senders to receive feedback about TLS negotiation failures when delivering to their domains. This complements MTA-STS by providing visibility into encryption enforcement issues.

Domains publish TLS-RPT records in DNS specifying where reports should be sent. Sending servers encountering TLS failures submit reports detailing the issue, enabling domain owners to identify and fix problems.

TLS reporting helps domains understand whether their encryption requirements are being honored and identify servers with configuration problems. Without reporting, TLS failures might go undetected, leaving messages vulnerable despite intended protection.