SSL-Tools

SSL check results of msetalk.fr

NEW You can also bulk check multiple servers.

Discover if the mail servers for msetalk.fr can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 20 Mar 2024 23:18:38 +0000

The mailservers of msetalk.fr can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @msetalk.fr addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.msetalk.fr
2a02:c206:2058:4800::1
 10
supported
mail.msetalk.fr
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mail.msetalk.fr
161.97.163.84
 10
supported
mail.msetalk.fr
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have received emails from these servers with @msetalk.fr sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.msetalk.fr (161.97.163.84)
TLSv1.3 TLS_AES_256_GCM_SHA384
82-64-238-27.subs.proxad.net (82.64.238.27)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=mail.msetalk.fr

Certificate chain
  • mail.msetalk.fr
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.msetalk.fr
Alternative Names
  • mail.msetalk.fr
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-09
Not valid after
2024-06-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
94:FF:DE:56:B0:F3:4F:D4:7D:20:E1:0C:F3:E3:9F:23:7B:14:6A:9B:DD:A2:21:AF:20:DE:40:5C:1C:29:2A:0E
SHA1
0C:03:97:58:19:5C:58:10:EB:C7:9D:0E:57:24:97:6C:6B:81:85:83
X509v3 extensions
subjectKeyIdentifier
  • 67:1A:37:8E:5C:1C:08:0F:29:E7:DD:B3:75:C2:AA:86:31:F6:6C:29
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Mar 9 21:43:08.111 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:75:98:B8:02:27:C2:64:9E:29:D3:9E:2A:
  • 8E:5A:10:9E:F0:A2:E3:8D:8C:10:B0:41:58:0C:D7:47:
  • F5:30:8A:24:02:20:77:F0:59:D1:30:AA:B5:CF:80:1C:
  • 2B:AD:C7:97:12:B8:A7:51:1D:C3:D5:C8:A2:AB:98:72:
  • 64:01:4D:90:47:BE
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Mar 9 21:43:08.093 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2C:64:5D:AE:02:12:0D:01:7C:46:83:E0:
  • 50:38:0E:51:D7:B2:83:A2:81:99:BA:A4:A1:02:5D:F5:
  • 53:B2:01:D0:02:20:6F:A3:66:F5:9E:9B:40:98:CA:B0:
  • 77:4C:5D:E4:C7:E6:17:3E:BA:16:F2:A1:D2:02:2D:7F:
  • D0:D0:F0:FF:D4:38

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.msetalk.fr
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid