Inbound TLS policy check
MTA-STS Checker
Check whether a domain publishes an MTA-STS TXT record and serves a valid HTTPS policy file. MTA-STS helps protect inbound mail delivery by requiring TLS for mail sent to your domain.
This checks _mta-sts.domain and https://mta-sts.domain/.well-known/mta-sts.txt.
Privacy note: this only sends the domain name to the lookup API. No email headers or message content are used.
What MTA-STS checks
MTA-STS is different from SPF, DKIM and DMARC. SPF, DKIM and DMARC are about sender authentication. MTA-STS is about securing inbound SMTP delivery to your mail servers with TLS.