Deliverability.Email: Advanced Email Deliverability Audit & Troubleshooting Tools

TLS-RPT Record Generator

Generate RFC 8460 compliant TLS-RPT records for email security reporting

Record Length:0/255

Endpoints:0

Step 1 of 4

Domain Configuration

Domain Information

Domain *Enter the domain that will send emails and receive TLS failure reports

Enable TLS reporting for this domain?

If disabled, no TLS-RPT record will be generated

What is TLS-RPT?

TLS-RPT (Transport Layer Security Reporting) allows sending email servers to share statistics about potential TLS failures with your domain, helping you monitor email security.

The TLS-RPT record will be published at: _smtp._tls.yourdomain.com

Live Preview

Configure your domain settings above to generate a TLS-RPT record

About TLS-RPT

What is TLS-RPT?

TLS-RPT (TLS Reporting) is defined in RFC 8460 and enables mail service providers to report TLS connectivity issues to domain owners. It works alongside MTA-STS to provide visibility into email delivery security and helps identify configuration issues or potential attacks.

How it works

This tool checks for TLS-RPT records published as TXT records at _smtp._tls.yourdomain.com. The record specifies where to send aggregate reports about TLS connection successes and failures.

Key Components

TXT Record: Published at _smtp._tls.domain containing the TLS-RPT version and reporting URIs.
Report URIs: Email addresses or HTTPS endpoints where TLS reports should be sent (e.g., mailto:reports@domain.com or https://reports.domain.com/submit).
Version: Currently "TLSRPTv1" is the only defined version in RFC 8460.
Report Format: Reports are sent as JSON documents containing details about TLS connection attempts, successes, and failures.

Why is TLS-RPT Important?

TLS-RPT provides visibility into email delivery security issues, helps identify misconfigured mail servers, detects potential attacks or interception attempts, and validates MTA-STS policy effectiveness. It's essential for monitoring the health of your email security infrastructure.

Interpreting the Results

If TLS-RPT is configured, you'll see a valid record with one or more reporting URIs. If not configured, the tool will indicate no record was found. To configure TLS-RPT:

Create a TXT record at _smtp._tls.domain
Specify version and reporting URIs in the record
Set up email or HTTPS endpoints to receive reports
Monitor incoming reports for security issues

TLS-RPT Record Generator

Domain Configuration

Domain Information

About TLS-RPT

What is TLS-RPT?

How it works

Key Components

Why is TLS-RPT Important?

Interpreting the Results

Settings

System Utilization

TLS-RPT Record Generator

Domain Configuration

Domain Information

About TLS-RPT

What is TLS-RPT?

How it works

Key Components

Why is TLS-RPT Important?

Interpreting the Results