bma.me - TLS / STARTTLS Test

Discover if the mail servers for bma.me can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 11 Dec 2023 09:53:15 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of bma.me can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bma.me addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.bma.me 167.94.245.95	5	supported	bma.me	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-12-11 6 s
mx1.dnsmadeeasy.com 208.80.120.10 Results incomplete	10	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-12-11 1 s
mx1.dnsmadeeasy.com 208.80.120.11 Results incomplete	10	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-12-11 1 s
mx2.dnsmadeeasy.com 208.94.150.201 Results incomplete	20	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-12-11 1 s
mx3.dnsmadeeasy.com 208.94.150.197 Results incomplete	30	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-12-11 1 s

Outgoing Mails

We have not received any emails from a @bma.me address so far. Test mail delivery

Certificates

First seen at: 2023-12-11

CN=bma.me

Certificate chain

bma.me
- 2024-03-01 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

bma.me

Alternative Names

*.amdgenterprises.com
*.bma.me
*.brianarlinghaus.com
*.desalesgroup.com
*.kymaryb.com
*.mycb.me
*.thecopperblue.com
*.wietholter.com
amdgenterprises.com
bma.me
brianarlinghaus.com
desalesgroup.com
kymaryb.com
mycb.me
thecopperblue.com
wietholter.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2023-12-02
Not valid after: 2024-03-01

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 49:6E:E0:CF:08:F1:B6:A7:76:3F:DB:15:D2:D7:EA:BC:3C:51:2D:D0:14:99:A9:D5:00:41:C8:7D:99:CB:D3:64
SHA1: E7:C9:77:53:0D:0F:0B:0A:95:42:66:1C:EE:35:79:40:93:07:D0:FE

X509v3 extensions

subjectKeyIdentifier

FC:AB:9A:11:20:6C:47:66:E1:BF:13:6B:C0:6F:2D:DE:04:0D:9D:5C

authorityKeyIdentifier

keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

authorityInfoAccess

OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
Timestamp : Dec 2 02:26:01.805 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:AB:5B:A9:58:3D:D2:9C:0E:1B:21:5C:
10:97:AD:2C:D2:AA:22:A8:A2:F8:2A:6D:2B:13:B2:61:
AB:2E:EB:25:FF:02:21:00:FE:FB:32:13:C7:3F:4D:C1:
84:91:C8:B7:F2:3B:66:27:74:23:36:27:BB:3B:3D:EB:
B3:EA:6A:39:30:BF:E6:24
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Dec 2 02:26:02.300 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D3:5A:79:CC:A6:37:57:B3:7F:9D:DF:
66:3B:E6:73:36:FA:0D:8A:38:9A:40:7C:01:09:8B:99:
6E:E1:F7:1E:64:02:21:00:DD:D9:1B:13:03:BF:0E:16:
6B:27:C1:17:8D:2B:87:D9:68:C8:23:40:CC:0C:E8:2D:
E8:8C:8D:4A:65:90:83:9A

SSL check results of bma.me