abt6.de - TLS / STARTTLS Test

Discover if the mail servers for abt6.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 18 Jun 2024 12:14:02 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of abt6.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @abt6.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx01.plskthx.de 2a07:54c7:2002:2110::1	10	supported	mx01.plskthx.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-06-18 2 s
mx01.plskthx.de 144.76.188.91	10	supported	mx01.plskthx.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-06-18 1 s

Outgoing Mails

We have not received any emails from a @abt6.de address so far. Test mail delivery

Certificates

First seen at: 2024-06-18

CN=mx01.plskthx.de

Certificate chain

mx01.plskthx.de
- 2024-09-09 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mx01.plskthx.de

Alternative Names

mx01.plskthx.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-06-11
Not valid after: 2024-09-09

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: D9:39:4A:0A:E1:9E:D1:19:64:41:21:CD:E2:14:4C:55:2A:8F:8E:D1:41:5F:C9:C1:CF:FA:04:EB:49:46:86:B4
SHA1: 63:AD:CF:6A:71:D3:B0:4D:70:19:CE:98:10:46:3C:1F:CE:35:72:81

X509v3 extensions

subjectKeyIdentifier

F7:51:CE:FA:9F:B2:B9:F0:53:3A:8A:74:B7:5E:40:1E:E8:59:99:B9

authorityKeyIdentifier

keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8

authorityInfoAccess

OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Jun 11 23:40:25.282 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:F4:74:F2:A0:77:92:47:4F:3D:B3:BF:
6B:F1:6A:16:55:49:8D:8A:FA:44:5C:DD:2F:7F:BA:BC:
B1:C5:07:F4:EC:02:21:00:F7:E8:DA:78:E1:A8:59:9A:
96:55:57:8B:C7:88:18:6C:28:FD:79:D3:3C:BF:41:C1:
D8:42:63:1F:B0:D7:78:D9
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Jun 11 23:40:25.342 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:BB:3F:7F:04:5E:DB:90:90:64:D8:9D:
F5:B7:D1:1C:6D:3F:D2:F4:DD:BE:78:6C:41:BE:B6:9A:
CE:CF:1B:5B:F9:02:21:00:9A:2D:AB:0F:E8:04:C0:A5:
D2:C9:4C:D7:69:FA:19:AA:9A:E9:27:EE:AD:CC:27:91:
B7:BD:29:F7:95:55:A9:93

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mx01.plskthx.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.mx01.plskthx.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.mx01.plskthx.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.mx01.plskthx.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid

SSL check results of abt6.de