network-exchange-together.de - TLS / STARTTLS Test

Discover if the mail servers for network-exchange-together.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 31 Jan 2025 21:40:47 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of network-exchange-together.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @network-exchange-together.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.network-exchange-together.de 2a03:4000:4b:ce9:38ce:7eff:fef1:863	10	supported	imap.network-exchange-together.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-01-31 1 s
mail.network-exchange-together.de 45.157.178.130	10	supported	imap.network-exchange-together.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-01-31 1 s

Outgoing Mails

We have received emails from these servers with @network-exchange-together.de sender addresses. Test mail delivery

Host	TLS Version & Cipher
unknown (IPv6:2a03:4000:4b:ce9:38ce:7eff:fef1:863)	TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384	2021-04-14

Certificates

First seen at: 2025-01-22

CN=imap.network-exchange-together.de

Certificate chain

imap.network-exchange-together.de
- 2025-04-22 remaining
- 384 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

imap.network-exchange-together.de

Alternative Names

imap.network-exchange-together.de
mail.network-exchange-together.de
smtp.network-exchange-together.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-01-22
Not valid after: 2025-04-22

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 5A:20:15:C3:CB:BE:A2:FC:71:AA:81:B2:4C:62:17:16:89:10:31:67:FC:9C:A2:FF:86:8E:59:FF:CF:9E:36:38
SHA1: 65:D7:E6:B3:A1:8B:19:E3:DB:4C:27:3C:60:5B:4E:49:88:5D:15:A5

X509v3 extensions

subjectKeyIdentifier

C2:8E:3F:9B:4B:4A:A6:06:9D:49:E2:20:F3:28:1B:DE:4C:9B:15:B2

authorityKeyIdentifier

keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2

authorityInfoAccess

OCSP - URI:http://e6.o.lencr.org
CA Issuers - URI:http://e6.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 73:20:22:0F:08:16:8A:F9:F3:C4:A6:8B:0A:B2:6A:9A:
4A:00:EE:F5:77:85:8A:08:4D:05:00:D4:A5:42:44:59
Timestamp : Jan 22 11:05:58.380 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:34:47:3A:7C:DC:38:F8:23:C0:16:A8:6A:
E6:0C:3D:CF:06:3F:C1:09:4E:9E:BB:D0:EE:E3:25:0F:
D1:82:58:B8:02:21:00:CE:47:38:19:BD:62:62:58:6C:
8C:ED:57:B9:4F:7B:79:F3:77:31:BB:37:6A:F1:06:E3:
8E:C1:D9:44:BC:C2:79
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Jan 22 11:05:58.379 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:44:37:DD:21:9A:7F:C6:D2:5C:EC:6C:91:
12:8F:4F:11:CB:4B:F8:54:16:D0:70:E7:5D:72:EE:DE:
37:91:C4:3D:02:20:3F:61:12:0F:5E:CB:F2:5D:33:6C:
AD:9F:B9:40:6E:D2:7C:F5:63:E9:AE:BF:C5:A5:05:17:
B5:C9:16:9B:18:04

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.network-exchange-together.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of network-exchange-together.de