MTA-STS is enabled to prevent the unencrypted transfer of emails between email servers.
Topic
Email server transport encryption
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Jun 2024
MTA-STS is enabled to prevent the unencrypted transfer of emails between email servers.
The existing control recommending that MTA-STS be enabled to prevent the unencrypted transfer of emails was reworded slightly to clarify its intent.
Sep 2022
MTA-STS is enabled to prevent the unencrypted transfer of emails between complying servers.
The existing control covering the use of MTA-STS was reworded to clarify that MTA-STS is used for ‘preventing the unencrypted transfer of emails’ rather than ‘preventing the transfer of unencrypted emails’.
Aug 2020
MTA-STS, as defined in IETF RFC 8461, is enabled to prevent the transfer of unencrypted emails between complying servers.
Security control 1589 was introduced to ensure MTA-STS is implemented for email servers.