TLS-RPT (SMTP TLS Reporting) is a small DNS record that invites the mail servers sending to you to send a daily report whenever they fail to set up a secure, encrypted connection to your domain. It turns silent delivery problems into something you can actually see.
Encryption controls like MTA-STS are powerful, but when they break - an expired certificate, a misconfigured server - mail just stops arriving, with no bounce to warn you. TLS-RPT is the feedback loop: it tells you something is wrong while it is still easy to fix.
A published TLS-RPT record pointing at an inbox or service that actually reads the reports, paired with enforced MTA-STS - so you get the protection of forced encryption and the visibility to catch it the moment it slips. Collecting the reports is one thing; making sense of them is what we do for you.
Related: SPF · DKIM · DMARC · MTA-STS · DNSSEC · Blacklist monitoring
DMARCER checks your TLS-RPT and MTA-STS continuously and tells you the moment encrypted delivery starts failing.
Get started