popp.email - TLS / STARTTLS Test

Discover if the mail servers for popp.email can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 25 May 2023 23:09:50 +0000

Certificates

Problems found
Protocol

Secure
DANE

Missing

We can not guarantee a secure connection to the mailservers of popp.email!

Please contact the operator of popp.email and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/popp.email

Servers

Incoming Mails

These servers are responsible for incoming mails to @popp.email addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
luke.callidomus.com 2a01:4f8:221:3e1e::2 Results incomplete	10		not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2023-05-25 1 s
luke.callidomus.com 46.4.13.82 Results incomplete	10	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-05-25 1 s
leia.callidomus.com 2a01:4f8:192:3154::2 Results incomplete	20		not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2023-05-25 1 s
leia.callidomus.com 144.76.96.85	20	supported	leia.callidomus.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-05-25 1 s

Outgoing Mails

We have not received any emails from a @popp.email address so far. Test mail delivery

Certificates

First seen at: 2023-05-25

CN=leia.callidomus.com

Certificate chain

leia.callidomus.com
- 2021-06-28 remaining
- 2048 bit
- sha256WithRSAEncryption
- Expired

Subject

Common Name (CN)

leia.callidomus.com

Alternative Names

leia.callidomus.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2021-03-30
Not valid after: 2021-06-28

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: BB:D6:7E:DD:BD:45:4C:2B:93:B8:55:44:91:FD:63:E8:31:FD:A3:A1:1C:5C:DA:45:A4:7F:68:31:62:8A:62:B9
SHA1: 9F:E9:08:66:E8:19:B0:74:98:5C:CA:D7:9B:BB:03:B5:B8:24:5A:C0

X509v3 extensions

subjectKeyIdentifier

1E:3E:3C:69:48:8A:DA:31:B7:C5:9E:72:2E:CC:63:B0:3F:C9:D0:CF

authorityKeyIdentifier

keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

authorityInfoAccess

OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Mar 30 03:19:55.534 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:12:B1:44:AC:70:59:97:CA:E6:1A:15:15:
9A:B4:83:99:E9:1E:DF:12:90:28:1A:C5:5F:06:FD:28:
9D:05:8E:96:02:21:00:C1:BC:62:5C:2B:60:CB:84:8B:
CD:CB:69:26:80:6D:1A:7D:27:41:8A:37:BD:25:BA:5E:
EA:A3:CB:80:07:F4:00
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
Timestamp : Mar 30 03:19:55.597 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E7:46:82:E5:30:95:D6:72:31:BF:53:
D4:00:BF:72:FC:DE:74:F1:C5:EF:87:58:A4:7D:7E:81:
87:E8:AE:28:E6:02:20:7E:C1:EC:38:D5:F2:EE:F6:BE:
02:12:A1:A9:E3:28:15:8A:FC:CE:79:FB:1C:33:81:3D:
F3:CF:EF:E0:FF:DC:D5

SSL check results of popp.email