- Cloudflare knows the current MX records for a domain
- Cloudflare has the ability to create the mta-sts subdomain and TXT records automatically – just like it currently does with CAA.
- Cloudflare has the ability to host the MTA-STS policy file – either via Workers or R2

I think all the ingredients are there.
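
The three pieces listed above, as an added example that is not part of the original post and is not Cloudflare's code: it derives an RFC 8461 policy file from a list of MX targets, builds the matching `_mta-sts` TXT record, and serves the policy from a Worker-style handler. The function names, the `example.com` hosts and the hash-based `id` scheme are assumptions made for illustration.

```javascript
// Added example: MTA-STS artifacts (RFC 8461) derived from a zone's MX records.
const MODES = new Set(["enforce", "testing", "none"]);
const MAX_AGE_LIMIT = 31557600; // RFC 8461 upper bound for max_age, in seconds

// Lowercase, drop the trailing dot, skip a null MX ("."), remove duplicates.
function normaliseMx(mxTargets) {
  const hosts = mxTargets
    .map((h) => h.trim().toLowerCase().replace(/\.$/, ""))
    .filter((h) => h.length > 0);
  return [...new Set(hosts)];
}

// Policy body served at https://mta-sts.<domain>/.well-known/mta-sts.txt
function buildPolicy(mxTargets, mode = "testing", maxAge = 86400) {
  if (!MODES.has(mode)) throw new Error(`invalid mode: ${mode}`);
  if (!Number.isInteger(maxAge) || maxAge < 0 || maxAge > MAX_AGE_LIMIT) {
    throw new Error(`invalid max_age: ${maxAge}`);
  }
  const hosts = normaliseMx(mxTargets);
  // "mx" lines are required unless the policy mode is "none".
  if (hosts.length === 0 && mode !== "none") throw new Error("no usable MX hosts");
  const lines = ["version: STSv1", `mode: ${mode}`,
    ...hosts.map((h) => `mx: ${h}`), `max_age: ${maxAge}`];
  return lines.join("\r\n") + "\r\n";
}

// Assumed id scheme: FNV-1a (non-cryptographic) over the policy text, so the
// TXT id changes whenever the policy changes and senders refetch it.
function policyId(policyText) {
  let h = 0x811c9dc5;
  for (let i = 0; i < policyText.length; i++) {
    h ^= policyText.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

function buildDnsRecords(domain, policyText) {
  return {
    txt: { name: `_mta-sts.${domain}`, content: `v=STSv1; id=${policyId(policyText)};` },
    policyUrl: `https://mta-sts.${domain}/.well-known/mta-sts.txt`,
  };
}

// Worker-style handler: only the well-known path returns the policy.
function handleRequest(request, policyText) {
  const { pathname } = new URL(request.url);
  if (pathname !== "/.well-known/mta-sts.txt") return new Response("not found", { status: 404 });
  return new Response(policyText, { headers: { "content-type": "text/plain; charset=utf-8" } });
}
```

Starting in `testing` mode with a short `max_age` lets TLS-RPT reports surface MX or certificate mismatches before switching to `enforce`.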