MTA-STS HTTPS Policy Certificate

What you see when your domain has this problem
MTA-STS HTTPS Policy Certificate is Invalid or Expired Details area Ignore

More Information About Mta-Sts Https Policy Certificate

This error indicates (per RFC 8461 Section 3.3) that the subdomain setup for the MTA-STS policy ( DOES NOT have a valid certificate or the certificate has expired. Without a valid, non-expired certificate (issued by a trusted Certificate Authority), the MTA-STS policy is invalid. 

How can I resolve this issue?

  • Purchase or renew an X.509 certificate for the HTTPS server hosting the subdomain
  • Certificate MUST be from a trusted Certificate Authority

DMARC is the key to improving Email Deliverability!

Email is the key to your customer communication strategy. But, what is your email reputation?

Setting up and managing your DMARC configuration is the key to getting insight into your email delivery. MxToolbox is the key to understanding DMARC.

MxToolbox Delivery Center gives you:

  • Who is sending phishing email purporting to be from your domain
  • What is the reputation of your domains and delegated IPs
  • Where other senders are and What their reputations are
  • How your SPF, DKIM and DMARC setup is performing
  • What on-going maintenance you need to maintain and improve your email deliverability

  Learn More