SMTP Strict Transport Security, or Make the World a Better Place

 

Two years ago, the world learned how to use and implement a new standard, SMTP TLS Security. Many enthusiasts implemented and tested it.

Recently, a draft of a new internet standard, SMTP Strict Transport Security, was introduced to help organizations secure their email. Let’s go through how SMTP MTA-STS will help you.

The SMTP Strict Transport Security specification is designed to address many security issues, significantly improving the existing environment. Here is how it goes:

Let’s say an organization wants to use SMTP MTA-STS for the domain WeAreInAllClouds.com.
For example, an email is to be sent to “Dima.Razbornov@WeAreInAllClouds.com”. In this case, the organization should take three basic steps:
0. Update all of their inbound email servers to support SMTP TLS and meet the requirements
1. Create a special DNS TXT record for “_mta-sts.weareinallclouds.com”
2. Set up a secure web site, “https://mta-sts.weareinallclouds.com”, with a valid TLS certificate signed by a trusted third party
3. Publish a text file under the address “https://mta-sts.weareinallclouds.com/.well-known/mta-sts.txt”
*This text file should contain the list of all MX records used by WeAreInAllClouds.com.
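
The TXT record from step 1 and the policy file from step 3 can be checked against the domain's MX hosts before publishing. The Python below is an added example, not code from the original post: the field names (`v`, `id`, `version`, `mode`, `mx`, `max_age`) follow RFC 8461, the published form of the MTA-STS draft, and the function names and all sample values are constructed for illustration.

```python
# Added example: offline check of the MTA-STS TXT record and policy file.
# Field names follow RFC 8461; all sample values are constructed.

def parse_txt_record(txt):
    """Parse the _mta-sts TXT value, e.g. 'v=STSv1; id=abc123;'."""
    fields = dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)
    if fields.get("v") != "STSv1" or not fields.get("id", "").isalnum():
        raise ValueError("TXT record needs v=STSv1 and an alphanumeric id")
    return fields

def parse_policy(text):
    """Parse the mta-sts.txt body; 'mx' may repeat, other keys appear once."""
    policy = {"mx": []}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (s.strip() for s in line.split(":", 1))
        if key == "mx":
            policy["mx"].append(value.lower())
        else:
            policy[key] = value
    if policy.get("version") != "STSv1":
        raise ValueError("policy needs version: STSv1")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("mode must be enforce, testing or none")
    if not policy.get("max_age", "").isdigit():
        raise ValueError("max_age must be a number of seconds")
    if policy["mode"] != "none" and not policy["mx"]:
        raise ValueError("policy lists no mx hosts")
    return policy

def mx_allowed(host, patterns):
    """True if host matches; '*.' covers exactly one left-most label."""
    host = host.lower().rstrip(".")
    for pattern in patterns:
        if pattern.startswith("*."):
            if "." in host and host.split(".", 1)[1] == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False

def uncovered_mx(mx_hosts, policy):
    """Return the MX hosts that are missing from the policy's mx list."""
    return [h for h in mx_hosts if not mx_allowed(h, policy["mx"])]

SAMPLE_TXT = "v=STSv1; id=20240101000000Z;"
SAMPLE_POLICY = "version: STSv1\nmode: enforce\nmx: mx1.weareinallclouds.com\nmx: *.mail.weareinallclouds.com\nmax_age: 604800\n"
SAMPLE_MX = ["mx1.weareinallclouds.com.", "in.mail.weareinallclouds.com", "backup.weareinallclouds.com"]
```

With the constructed samples, `uncovered_mx(SAMPLE_MX, parse_policy(SAMPLE_POLICY))` reports `backup.weareinallclouds.com`, the kind of MX host that is easy to forget when writing the policy file.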

To make things easier, there are two handy validators that you can check out:

MTA-STS Validator
Hardenize – Website Security Monitoring

HTTP Strict Transport Security

Also, here are useful links for the SMTP Strict Transport Security draft:

MTA-STS specification
SMTP-TLSRPT specification

That’s it, so are you ready to secure your emails?

 
