mea.or.th - TLS / STARTTLS Test

Discover if the mail servers for mea.or.th can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 27 May 2020 00:33:17 +0000

Certificates

Problems found
Protocol

Problems found
DANE

Missing

We can not guarantee a secure connection to the mailservers of mea.or.th!

Please contact the operator of mea.or.th and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/mea.or.th

Servers

Incoming Mails

These servers are responsible for incoming mails to @mea.or.th addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
aptmail.mea.or.th 2001:df2:5c00::6731:9408 Results incomplete	5	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 3 s
aptmail.mea.or.th 103.49.148.8 Results incomplete	5	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 3 s
mail.mea.or.th 2001:df2:5c00::6731:940a Results incomplete	10	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 6 s
mail.mea.or.th 103.49.148.10 Results incomplete	10	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 5 s
meamail.mea.or.th 2001:df2:5c00::6731:940a Results incomplete	10	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 3 s
meamail.mea.or.th 103.49.148.10 Results incomplete	10	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2020-05-26 4 s
mailgw1.idc.cattelecom.com 122.155.15.122	50	supported	Cisco Appliance Demo Certificate	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 SSLv3	2020-05-26 24 s
mailgw2.idc.cattelecom.com 122.155.15.123	50	supported	Cisco Appliance Demo Certificate	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 SSLv3	2020-05-26 23 s

Outgoing Mails

We have not received any emails from a @mea.or.th address so far. Test mail delivery

Certificates

First seen at: 2020-05-24

CN=Cisco Appliance Demo Certificate,O=Cisco Systems\, Inc,L=San Jose,ST=California,C=US

Certificate chain

Cisco Appliance Demo Certificate (Certificate is self-signed.)
- 2024-04-25 remaining
- 1024 bit
- sha256WithRSAEncryption
- Hostname Mismatch
- Unknown Authority

Subject

Country (C)

State (ST)

California

Locality (L)

San Jose

Organization (O)

Cisco Systems, Inc

Common Name (CN)

Cisco Appliance Demo Certificate

Issuer

Certificate is self-signed.

validity period

Not valid before: 2014-04-25
Not valid after: 2024-04-25

Fingerprints

SHA256: 95:66:AF:25:8D:3E:5B:2E:25:2F:90:25:B6:94:57:37:66:F9:BF:C1:39:0B:DB:37:42:87:96:CC:DC:B2:B9:FA
SHA1: B3:06:CD:BF:63:F7:C3:69:1E:BC:8A:8A:90:D3:DB:3D:4D:68:FD:D2

SSL check results of mea.or.th