scheler.com - TLS / STARTTLS Test

Discover if the mail servers for scheler.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 06 Nov 2024 12:34:24 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of scheler.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @scheler.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
smtp.scheler.com 2a02:c206:3006:6223::1	73	supported	smtp.scheler.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-11-06 2 s
smtp.scheler.com 161.97.140.44	73	supported	smtp.scheler.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-11-06 2 s

Outgoing Mails

We have received emails from these servers with @scheler.com sender addresses. Test mail delivery

Host	TLS Version & Cipher
mout.kundenserver.de (212.227.17.10)	TLSv1.3 TLS_AES_256_GCM_SHA384	2021-05-11
mout.kundenserver.de (212.227.126.131)	TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256	2020-03-20

Certificates

First seen at: 2024-11-06

CN=smtp.scheler.com

Certificate chain

smtp.scheler.com
- 2024-12-30 remaining
- 256 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

smtp.scheler.com

Alternative Names

smtp.scheler.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-10-01
Not valid after: 2024-12-30

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 35:94:2C:5B:0D:35:28:4F:68:47:82:CD:EF:BA:BA:60:41:F3:BA:10:90:7B:B1:78:53:9C:4C:15:C2:B9:B8:68
SHA1: 63:00:57:23:29:1E:E3:79:9E:99:D7:D9:D6:1A:20:65:80:48:C1:B3

X509v3 extensions

subjectKeyIdentifier

F1:5E:F4:B2:8B:73:79:9A:81:CA:BC:1F:4D:36:01:A4:A6:60:C3:52

authorityKeyIdentifier

keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2

authorityInfoAccess

OCSP - URI:http://e6.o.lencr.org
CA Issuers - URI:http://e6.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Oct 1 18:45:55.872 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:7C:47:84:20:50:92:3D:82:CE:FC:78:3E:
6C:73:F1:6B:5E:1C:A3:56:45:C4:10:96:87:90:0F:65:
24:FB:E9:8E:02:21:00:B6:E1:09:0A:98:60:E7:6A:B9:
99:9A:CA:30:4E:A0:E8:76:2F:5E:2F:5D:BC:95:0C:62:
9B:4B:17:C3:48:9F:89
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
Timestamp : Oct 1 18:45:55.986 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EF:A6:1E:A4:D4:09:1A:AA:2E:A3:10:
EA:D2:08:8E:4D:66:31:40:6D:A2:BE:19:D3:17:0D:2E:
A7:CD:22:89:F3:02:20:09:B7:25:E0:AF:FA:85:F5:E1:
73:B7:02:3A:2E:39:CC:2B:F5:8E:C9:DC:3D:6E:BA:E9:
F6:A8:AF:F3:AB:3A:1B

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.smtp.scheler.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.smtp.scheler.com	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid

SSL check results of scheler.com