SSL-Tools

SSL check results of supratel.es

NEW You can also bulk check multiple servers.

Discover if the mail servers for supratel.es can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 04 Feb 2025 22:23:53 +0000

The mailservers of supratel.es can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @supratel.es addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
box.supratel.es
2a03:c7c0:51:2::511a
 10
supported
mta-sts.supratel.es
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s
box.supratel.es
185.47.131.131
 10
supported
mta-sts.supratel.es
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @supratel.es address so far. Test mail delivery

Certificates

First seen at:

CN=mta-sts.supratel.es

Certificate chain
  • mta-sts.supratel.es
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mta-sts.supratel.es
Alternative Names
  • box.supratel.es
  • mta-sts.supratel.es
  • supratel.es
  • webmail.supratel.es
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2025-01-16
Not valid after
2025-04-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7E:54:1C:FB:7F:89:41:60:36:8B:30:DD:E3:73:D8:F0:EB:6E:E7:75:B0:EE:64:99:0E:EE:14:E3:31:61:10:64
SHA1
67:3A:34:49:81:8F:8B:48:94:BC:D1:6F:69:FA:27:B5:9A:3F:EC:A1
X509v3 extensions
subjectKeyIdentifier
  • AD:22:3B:D2:9A:DE:B7:4D:9D:DF:11:0A:E9:4B:14:BD:D1:42:0E:61
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • OCSP - URI:http://e6.o.lencr.org
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 73:20:22:0F:08:16:8A:F9:F3:C4:A6:8B:0A:B2:6A:9A:
  • 4A:00:EE:F5:77:85:8A:08:4D:05:00:D4:A5:42:44:59
  • Timestamp : Jan 16 17:46:06.987 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8C:41:AB:7F:81:36:E0:85:92:09:42:
  • 19:C2:9C:3C:96:82:15:E1:A2:73:CC:F3:5D:DF:B0:2A:
  • 09:1D:2E:E1:5F:02:20:1E:4F:10:90:9A:92:87:74:C6:
  • 69:7C:FE:A0:72:E4:E4:BF:09:A8:90:9D:87:9D:2F:06:
  • 12:86:2C:CD:39:CD:04
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Jan 16 17:46:06.983 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:40:83:A1:43:66:C3:6F:17:D9:80:DA:B5:
  • D3:F3:8C:AD:58:D1:70:9B:C8:41:1E:65:72:87:1A:3F:
  • 3E:79:BF:B2:02:21:00:F9:FE:EF:6C:6B:77:36:3C:0C:
  • 7B:0E:57:13:25:E2:BF:64:00:3C:8B:B1:A7:F9:0F:E4:
  • 98:4A:D4:61:C1:91:FC

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.box.supratel.es
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.box.supratel.es
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid