Question 1

Does oxford.ac.uk have an MTA-STS policy?

Accepted Answer

Use the MTA-STS checker above to see if oxford.ac.uk has a published MTA-STS DNS record at _mta-sts.oxford.ac.uk and an HTTPS policy file at mta-sts.oxford.ac.uk/.well-known/mta-sts.txt.

Question 2

Does oxford.ac.uk enforce TLS for email delivery?

Accepted Answer

If oxford.ac.uk has an MTA-STS policy in enforce mode, sending mail servers must use TLS with a valid certificate when delivering email to oxford.ac.uk. If TLS negotiation fails, the email will not be delivered in plaintext — preventing downgrade attacks.

Question 3

Does oxford.ac.uk have TLSRPT reporting configured?

Accepted Answer

TLSRPT (TLS Reporting) is configured via a DNS TXT record at _smtp._tls.oxford.ac.uk. When enabled, sending servers report TLS connection successes and failures back to oxford.ac.uk, providing visibility into email encryption issues.

oxford.ac.uk MTA-STS Policy Check

What is MTA-STS for oxford.ac.uk?

Related Checks for oxford.ac.uk

SSL Certificate

DMARC Record

Health Check