TLS Reporting Record Generator
Produces the `_smtp._tls` TXT record. Pair with MTA-STS so you can see what's actually happening at the TLS layer for mail addressed to your domain.
v=TLSRPTv1; rua=mailto:tlsrpt@example.com
Builds the TXT record from your reporting endpoint (mailto: or https:). Validates the version tag and the rua syntax.
Always pair with MTA-STS. Without TLS-RPT, MTA-STS failures are invisible — you only find out from missing mail.
FAQ
mailto: or https: reporting?+
mailto: is simpler. https: requires a JSON-receiving endpoint. Most teams send to a dedicated mailbox (tlsrpt@) and review weekly.
Keep going
Articles, glossary entries, and other tools on the same topic.
Record generated. Now make sure it actually passes on real sends.
A correct DNS record on paper still fails 12% of the time at the receiver. Outsolvi watches every send and flags auth failures, opens that look like proxies, and bounces in real time. From $7/user/mo yearly.
Verify on a real sendNate built Outsolvi after watching every email-tracking tool he had ever used lie to him about opens. Outsolvi runs Tier 1 to 5 confidence scoring on every open, native in Outlook and Gmail, so the number on the dashboard is one a rep can actually act on.
We update these pages when the underlying mechanics change — new mailbox-provider rules, new tracker behavior, new measurement gaps. The dates above are real revisions, not auto-touches.