rk-mail.net - TLS / STARTTLS Test

Discover if the mail servers for rk-mail.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 16 Apr 2024 14:08:52 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of rk-mail.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @rk-mail.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx02.mail.icloud.com 17.42.251.62	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 6 s
mx02.mail.icloud.com 17.57.152.5	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx02.mail.icloud.com 17.57.154.33	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx02.mail.icloud.com 17.56.9.31	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx02.mail.icloud.com 17.57.156.30	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 6 s
mx02.mail.icloud.com 17.57.155.25	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 5 s
mx01.mail.icloud.com 17.42.251.62	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 6 s
mx01.mail.icloud.com 17.57.152.5	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx01.mail.icloud.com 17.57.154.33	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx01.mail.icloud.com 17.56.9.31	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 8 s
mx01.mail.icloud.com 17.57.156.30	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 6 s
mx01.mail.icloud.com 17.57.155.25	10	supported	mx01.mail.icloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 6 s

Outgoing Mails

We have not received any emails from a @rk-mail.net address so far. Test mail delivery

Certificates

First seen at: 2024-03-18

CN=mx01.mail.icloud.com,O=Apple Inc.,ST=California,C=US

Certificate chain

mx01.mail.icloud.com
- 2025-03-17 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

California

Organization (O)

Apple Inc.

Common Name (CN)

mx01.mail.icloud.com

Alternative Names

mx02.mail.icloud.com
mx3.mail.icloud.com
mx01.mail.icloud.com

Issuer

Common Name (CN)

Apple Public Server RSA CA 12 - G1

Organization (O)

Apple Inc.

State (ST)

California

Country (C)

validity period

Not valid before: 2024-03-12
Not valid after: 2025-03-17

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication

Fingerprints

SHA256: 13:DD:D0:A8:75:20:55:BE:74:04:33:34:C0:37:56:09:9B:98:BD:F6:4F:42:5E:53:74:F6:DD:C9:64:79:27:F2
SHA1: 95:57:D9:71:7D:C5:E0:40:0B:2F:8D:49:30:D8:A8:81:18:B1:0F:E3

X509v3 extensions

authorityKeyIdentifier

keyid:1E:5C:17:91:05:57:02:FC:77:5C:E3:70:43:EC:6B:FD:DD:D2:D8:69

authorityInfoAccess

CA Issuers - URI:http://certs.apple.com/apsrsa12g1.der
OCSP - URI:http://ocsp.apple.com/ocsp03-apsrsa12g101

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: https://www.apple.com/certificateauthority/public
Policy: 1.2.840.113635.100.5.11.4

crlDistributionPoints

Full Name:
URI:http://crl.apple.com/apsrsa12g1.crl

subjectKeyIdentifier

F5:4D:4E:A3:87:59:BA:6C:4D:53:B2:9C:83:57:BC:5E:10:00:F9:FE

1_2_840_113635_100_6_86

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Mar 12 21:41:18.432 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:4F:BE:E4:04:AE:F7:0D:20:DC:6F:B7:A9:
40:67:B0:CC:4C:80:40:DA:9D:31:ED:7D:3B:34:AC:AF:
0F:38:5F:C5:02:21:00:CF:9D:16:A9:0A:20:C3:38:2D:
61:B4:B7:EB:BC:EF:1F:6D:FF:81:34:7D:0C:E1:AD:D6:
BC:F5:67:25:AC:6D:3F
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Mar 12 21:41:18.398 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:DA:46:58:BC:A3:04:4F:5D:71:8B:5E:
84:B0:24:41:48:77:65:46:42:C8:2D:39:C1:D9:DA:CF:
07:C5:58:B4:6B:02:20:4A:C6:C5:FE:19:A4:FF:99:37:
D8:3F:56:BF:A0:3C:04:9E:6B:F6:FE:7A:8C:A8:02:14:
F7:AE:96:D1:89:E9:1E
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Mar 12 21:41:18.526 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:1B:6B:49:DB:6A:C1:93:80:A1:28:99:90:
B3:37:05:9D:43:32:6E:14:29:FD:81:7E:1D:32:76:AF:
82:F5:E0:E8:02:21:00:8C:B4:E1:69:C0:AD:18:0F:A0:
19:27:68:5E:F1:A8:EF:13:F3:E0:28:3F:7C:60:A9:E5:
95:9A:96:4E:68:19:1A
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Mar 12 21:41:18.538 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:4B:AD:48:34:0D:DF:66:AD:ED:36:53:A1:
F9:C1:A0:50:EC:8C:1F:35:C3:C6:B4:F7:54:96:B4:89:
DF:FB:17:FF:02:20:65:74:7B:38:E1:60:2C:79:7A:DD:
93:16:80:CC:37:B8:9E:4C:C4:07:EA:25:2E:BA:2D:D3:
7C:83:15:A1:1E:B5

SSL check results of rk-mail.net