SSL check results of elmail.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for elmail.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sat, 09 Mar 2024 06:09:12 +0000

The mailservers of elmail.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @elmail.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
gw.elmail.de
83.236.194.22
10
supported
gw.elmail.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Outgoing Mails

We have received emails from these servers with @elmail.de sender addresses. Test mail delivery

Host TLS Version & Cipher
gw.elmail.de (83.236.194.22)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=gw.elmail.de

Certificate chain
Subject
Common Name (CN)
  • gw.elmail.de
Alternative Names
  • gw.elmail.de
  • www.gw.elmail.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • RapidSSL TLS RSA CA G1
validity period
Not valid before
2024-03-04
Not valid after
2025-03-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
39:DB:8D:65:C0:63:17:AA:CB:E3:4B:EC:86:84:84:7F:36:1E:C4:7E:04:2B:F8:04:87:73:FB:6A:25:AA:09:6D
SHA1
F5:E1:56:51:1B:64:3B:FB:A4:F2:8D:CA:F3:50:54:68:A1:D7:14:3B
X509v3 extensions
authorityKeyIdentifier
  • keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38
subjectKeyIdentifier
  • 6D:02:09:9D:E5:F4:4F:14:FA:51:36:2E:64:86:1C:49:82:FF:F7:DF
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
authorityInfoAccess
  • OCSP - URI:http://status.rapidssl.com
  • CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Mar 4 18:06:19.389 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:07:22:9B:09:8F:DF:A1:D0:0B:3A:3A:EB:
  • 0A:A3:F4:8E:DF:32:B4:04:D0:61:3C:67:56:E6:57:FF:
  • 28:91:4E:91:02:20:19:BB:12:E7:FA:38:09:78:E8:05:
  • EA:D7:87:C4:82:D8:C4:1D:DF:62:5B:8C:F5:D0:FF:B9:
  • 00:08:E7:98:61:C3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Mar 4 18:06:19.408 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D1:79:84:E5:F8:B4:A9:20:B4:06:A4:
  • 81:DF:D4:E4:D3:66:A2:62:ED:A7:FF:AF:8B:A0:DD:A0:
  • E6:C2:EC:18:FC:02:21:00:AF:23:10:AA:42:31:7F:66:
  • 4A:5F:09:7B:7B:07:63:4B:65:AC:50:31:11:20:DD:15:
  • 3A:8B:20:47:CB:74:7E:82
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Mar 4 18:06:19.430 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:74:B5:03:F5:FF:0F:30:E0:6E:7F:C9:E4:
  • 54:19:B7:5A:65:EA:46:C3:0C:4F:C8:A5:B3:4D:7C:69:
  • AA:A6:C0:22:02:21:00:F8:66:A8:AF:A4:F7:B1:59:86:
  • EB:8B:04:00:2E:4B:A1:F9:C7:D3:F5:A4:A8:64:29:9E:
  • 99:4B:F2:E2:A2:22:EF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.gw.elmail.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid