Gmail Announces Support for MTA-STS, TLS Security Reporting

Gmail has today become the first major email provider to announce support for MTA-STS and TLS Reporting, as reported by ZDNet.

The two new security standards are basically extensions to the Simple Mail Transfer Protocol (SMTP) and help email providers establish cryptographically secure connections between each other.


By adopting the new standards, Gmail will be able to prevent SMTP man-in-the-middle attacks, where rogue email server operators can intercept, read, and modify the contents of users’ emails.

For example, SMTP MTA Strict Transport Security (MTA-STS) works by allowing email server admins to set up an MTA-STS policy on their server. This policy allows a legitimate provider to request that external email servers verify the security of SMTP connections before sending any emails.

Following Gmail, it is believed that Microsoft, Comcast, and Yahoo will be announcing support for MTA-STS and TLS Reporting soon as well.

Once other email providers also start supporting these two new standards, it will help create a mesh of properly-encrypted connections between all email servers worldwide.