Adding Your Domain to EFF's STARTTLS Policy List
BE SURE TO READ THE STARTTLS EVERYWHERE POLICY LIST GUIDELINES

You—the email system administrator of this domain—have read through the Policy List Guidelines. You are aware of how STARTTLS Everywhere might affect your email service in the future.

After reading the guidelines, you decide you want your domain to be added to the STARTTLS Everywhere Policy List: Here’s what to expect next.

3-STEP PROCESS FOR SUBMITTING TO THE STARTTLS EVERYWHERE POLICY LIST
  • Step 1. Submit your domain.
  • Step 2. Confirm by email.
  • Step 3. Wait & possibly submit again!
  1. You submit your administrator email address, as well as clarifying the MX hostnames forthe Mx Hostnames of your domain.
  2. Then, if you are in control of that domain, you will receive an email from the STARTTLS Everywhere service. It will ask you to confirm your email.

    Once you have clicked the verification link in the email, you will be added to the STARTTLS Everywhere queue. We will be running a series of tests (the same tests that our STARTTLS checker run) daily, and seeing if your domain passes.
  3. If it does not pass one of our tests, either due to a misconfiguration or an availability issue, you will need to begin the process again after fixing the problemand adjust your configurations for the domain. If your domain doesn’t pass the first time, feel free to please try again after fixing yourthe configurations! You can submit to STARTTLS Everywhere as many times as you like.

    You’ll receive an email from STARTTLS Everywhere letting you know that your domain did not pass athe test, and details about the failure. You’ll need to adjust your settings and repeat step 1: submitting your email and mailserver details Mx hostname and email through our webform.
IF YOUR DOMAIN PASSES ALL TESTS

Once your domain passes all of our tests for proper configuration of STARTTLS, we will add you to our queue for domains set to be approved.We will continue to test your domain over a period of time. If it continues to pass the tests, we will add your domain to our STARTTLS Policy List.

You’ll receive an email confirmation from STARTTLS Everywhere once your domain is added to the list.

If the domain doesn’t pass the checks, or seems unstable over time, you’ll receive an email from STARTTLS Everywhere letting you know that your domain did not pass the test. You’ll need to adjust your settings and resubmit your Mx hostname and email through our webform.

ONCE YOUR DOMAIN IS ADDED TO THE STARTTLS EVERYWHERE POLICY LIST

Users of this list are expected to update the list at least once every 48 hours (and on average 24 hours). Once you’re on the list, you can expect the changes to propagate within that amount of time.

Ready to get started? Fill out the form below.

Add Your Domain to EFF’s STARTTLS Policy List

By adding your domain to the STARTTLS Policy List, you’re protected from downgrade attacks so e-mail servers can send e-mail to you securely.

We’ll use this e-mail to notify you of the status of your domain and potential deliverability issues. If left empty, we'll use the postmaster@domain.org address by default.

MX Hostnames

What hostnames are your TLS certificates valid for? Let us know, so a DNS man-in-the-middle can’t lie to others about your hostnames. These hostnames can be fully qualified domain names, like `mx.example.com`, or domain suffixes, like .example.com.

When you request submission, we'll send an email to postmaster@yourdomain.org to validate your request, then queue your domain for submission for one week, and continually run security checks against your domain. If it continues to pass these checks, you’ll be added to the list! We will notify you of your domain status via the contact e-mail above, which, if specified, may be different from the postmaster address.

When you are added to the list, you are required to continue meeting security guidelines. If for some reason you do not, this could impact deliverability.

Read more about the STARTTLS Policy list.