Mail Transfer Agent Strict Transport Security
MTA-STS lets a domain declare that its mail servers must be reached over authenticated TLS, with the policy published over HTTPS. It stops attackers from stripping STARTTLS to force email into plaintext. It provides many of DANE's benefits for email without requiring DNSSEC, which helped adoption by large providers.