SSL-Tools

SSL check results of klaaskok.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for klaaskok.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 08 Jun 2020 00:30:38 +0000

The mailservers of klaaskok.nl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @klaaskok.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.vevida.com
2a00:f60::1:174
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx1.vevida.com
77.94.249.174
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx4.vevida.com
2a00:f60::1:187
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx4.vevida.com
77.94.249.187
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx2.vevida.com
2a00:f60::170
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx2.vevida.com
77.94.248.170
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mx3.vevida.com
2a00:f60::1:186
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx3.vevida.com
77.94.249.186
 10
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
backup-mx.vevida.com
2a00:f60::1:174
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
backup-mx.vevida.com
2a00:f60::170
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
backup-mx.vevida.com
2a00:f60::1:187
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
backup-mx.vevida.com
2a00:f60::1:186
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
backup-mx.vevida.com
77.94.249.174
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
backup-mx.vevida.com
77.94.249.187
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
backup-mx.vevida.com
77.94.248.170
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
backup-mx.vevida.com
77.94.249.186
 20
supported
mx1.vevida.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @klaaskok.nl address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.vevida.com

Certificate chain
Subject
Common Name (CN)
  • mx1.vevida.com
Alternative Names
  • backup-mx.vevida.com
  • mx1.vevida.com
  • mx2.vevida.com
  • mx3.vevida.com
  • mx4.vevida.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-03-27
Not valid after
2020-06-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
35:2D:B0:C8:F0:1B:40:78:48:C4:FF:37:F2:AE:02:C5:16:86:F6:1A:A1:DC:89:2B:C1:5A:2A:AB:CC:64:B6:9C
SHA1
C7:B6:A9:4D:BB:A3:CD:AD:B3:D1:40:F5:04:6E:C2:32:1B:C6:3B:5F
X509v3 extensions
subjectKeyIdentifier
  • 3F:34:8F:D7:E6:A5:51:BB:F5:B5:4B:66:E0:76:F2:D7:25:18:4F:1F
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5E:A7:73:F9:DF:56:C0:E7:B5:36:48:7D:D0:49:E0:32:
  • 7A:91:9A:0C:84:A1:12:12:84:18:75:96:81:71:45:58
  • Timestamp : Mar 27 06:18:36.015 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F2:8B:B2:CB:DF:37:8A:5A:73:B1:51:
  • F7:C2:1B:0A:27:70:07:BB:EB:26:49:D7:A9:97:9C:D4:
  • DA:07:BD:FB:E0:02:20:32:10:44:09:F0:6E:3C:33:6A:
  • 49:8A:AC:1F:52:5C:3F:4C:CD:BC:0A:00:8F:E7:46:D8:
  • EE:60:F2:EA:0D:0B:8C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B2:1E:05:CC:8B:A2:CD:8A:20:4E:87:66:F9:2B:B9:8A:
  • 25:20:67:6B:DA:FA:70:E7:B2:49:53:2D:EF:8B:90:5E
  • Timestamp : Mar 27 06:18:36.001 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:AB:34:D1:31:37:36:4E:69:CF:C0:CB:
  • 92:83:79:63:35:65:A7:64:61:1E:10:CD:1B:F1:89:FA:
  • 11:45:72:F4:CC:02:20:0F:69:09:D1:06:EE:CC:CB:94:
  • 2C:BF:9C:62:1C:6B:36:1A:21:44:87:5D:5A:A3:33:56:
  • F2:29:F8:F8:72:94:E0

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx3.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx3.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.mx4.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx4.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.mx1.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.mx2.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx2.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.backup-mx.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.backup-mx.vevida.com
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid