Last updated: July 2026
In short: After this guide your GoDaddy-managed zone publishes a TLS-RPT record and receives daily reports on encrypted delivery. GoDaddy has no dedicated TLS-RPT article — you publish a standard TXT record through its generic DNS UI.
Prerequisites
- A domain whose DNS is managed at GoDaddy
- A destination for the reports (analysis service or mailbox)
What is TLS-RPT?
TLS-RPT (SMTP TLS Reporting, RFC 8460) is a DNS TXT record under _smtp._tls.your-domain. Receiving servers send daily aggregate reports on TLS delivery to the address named there. It enforces nothing — it shows you whether your MTA-STS or DANE protection works. As a DNS host, GoDaddy is well suited to publish it, even though it has no dedicated help article for TLS-RPT.
The starting point at GoDaddy
GoDaddy documents no TLS-RPT switch — there isn’t one. But TLS-RPT is a plain TXT record, and GoDaddy’s generic TXT UI is all you need: the Value text is “usually provided by your SSL, hosting, or email provider” — here you simply supply the RFC 8460 string yourself.
Step-by-step guide
1. Set the report address
A TLS-RPT analysis service processes the JSON reports.
2. Create the TXT record in the Domain Portfolio
In your GoDaddy Domain Portfolio, open DNS, then Add New Record and select TXT from the Type menu:
| Field | Value |
|---|---|
| Type | TXT |
| Name | _smtp._tls |
| Value | v=TLSRPTv1; rua=mailto:tlsrpt@beispiel.de |
| TTL | Default |
The Name field takes the prefix (subhost) without the domain name — enter _smtp._tls. Leave TTL on Default and Save.
3. Together with MTA-STS or DANE
TLS-RPT only reports; the actual enforcement of encrypted delivery comes from MTA-STS or — with a DNSSEC-signed zone — DANE. Combine TLS-RPT with one of them.
4. Wait until the change is live
Most DNS updates take effect within an hour but could take up to 48 hours to update globally.
Verify the result
Check your configuration with the free MXAudit scanner.
dig TXT _smtp._tls.example.com +short
Common mistakes
rua to a normal mailbox. Use an analysis service — the reports are JSON, not human-readable mail.
TLS-RPT alone. It only reports; enforcement is delivered by MTA-STS or DANE.
Wrong Name field. The record must sit at _smtp._tls, not on the root domain.
Further reading
- GoDaddy Help: Add a TXT record (retrieved: July 10, 2026)
- RFC 8460 — SMTP TLS Reporting
