Domain Doctorby VASTROX

Free TLS-RPT checker · Instant · No signup

TLS-RPT Checker

Validate your TLS-RPT record. Domain Doctor checks your _smtp._tls TXT record so you receive reports when TLS delivery to your domain fails.

Try , or your own domain.

What this checks

TLS-RPT (SMTP TLS Reporting) is the feedback channel for MTA-STS and DANE. When another server fails to deliver mail to you over TLS, TLS-RPT tells them where to send a report — so you find out about downgrade attacks and misconfigurations instead of silently losing mail.

Domain Doctor validates your _smtp._tls TXT record, confirms the v=TLSRPTv1 version and a valid rua reporting destination (a mailto: or https: endpoint).

Common TLS-RPT Checker errors

  • No TLS-RPT record, so you get no delivery failure reports
  • Invalid rua target (malformed mailto or https)
  • Missing v=TLSRPTv1 version tag
  • Record present but MTA-STS not deployed alongside it

VASTROX EMAIL SECURITY

Get visibility into TLS delivery failures

We add TLS-RPT alongside MTA-STS so you find out about downgrade attacks instead of silently losing mail.

  • Valid TLS-RPT record published
  • Deployed alongside MTA-STS
  • Reports monitored for you

Trusted by businesses for hosting, VPS, business email & game servers · Free migration · Real support

Frequently asked questions

Is TLS-RPT required?

It is optional but strongly recommended alongside MTA-STS. Without it you have no visibility into TLS delivery failures.

Where do TLS-RPT reports go?

To the address in your rua tag — either a mailbox (mailto:) or an HTTPS endpoint that accepts JSON reports.