SMTP TLS Reporting
RFC 8460, “SMTP TLS Reporting”, is a Proposed Standard document published in September 2018 by D. Margolis, A. Brotman, B. Ramakrishnan, J. Jones, and M. Risher. The canonical text is published by the RFC Editor.
Abstract
A number of protocols exist for establishing encrypted channels between SMTP Mail Transfer Agents (MTAs), including STARTTLS, DNS-Based Authentication of Named Entities (DANE) TLSA, and MTA Strict Transport Security (MTA-STS). These protocols can fail due to misconfiguration or active attack, leading to undelivered messages or delivery over unencrypted or unauthenticated channels. This document describes a reporting mechanism and format by which sending systems can share statistics and specific information about potential failures with recipient domains. Recipient domains can then use this information to both detect potential attacks and diagnose unintentional misconfigurations.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8460 is hosted at rfc-editor.org. Available in TXT, HTML.