airies.ch - TLS / STARTTLS Test

Discover if the mail servers for airies.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 16 Jun 2025 00:30:16 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of airies.ch can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @airies.ch addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mta-gw.infomaniak.ch 2001:1600:0:aaaa::1:4	5	supported	mta-gw.infomaniak.ch	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-06-16 2 s
mta-gw.infomaniak.ch 2001:1600:0:aaaa::1:3	5	supported	mta-gw.infomaniak.ch	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-06-16 2 s
mta-gw.infomaniak.ch 83.166.143.58	5	supported	mta-gw.infomaniak.ch	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-06-16 2 s
mta-gw.infomaniak.ch 83.166.143.57	5	supported	mta-gw.infomaniak.ch	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-06-16 2 s

Outgoing Mails

We have not received any emails from a @airies.ch address so far. Test mail delivery

Certificates

First seen at: 2025-04-25

CN=mta-gw.infomaniak.ch

Certificate chain

mta-gw.infomaniak.ch
- 2025-07-22 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mta-gw.infomaniak.ch

Alternative Names

mta-gw.infomaniak.ch
mx.infomaniak.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-04-23
Not valid after: 2025-07-22

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: E0:27:9C:2D:4A:1F:F0:45:F3:EE:77:8A:B0:47:B4:D6:F1:27:0F:6A:CE:6D:46:7E:A7:58:5D:E2:56:29:8F:0C
SHA1: F9:26:17:4D:A6:AF:68:B7:69:F5:A4:D7:74:34:22:66:7C:BB:88:0A

X509v3 extensions

subjectKeyIdentifier

0B:CD:9E:34:44:88:F5:74:B5:23:4A:DE:2A:2B:C7:77:62:8B:5D:86

authorityKeyIdentifier

keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9

authorityInfoAccess

OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r11.c.lencr.org/119.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : Apr 23 22:41:00.965 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:13:F7:BF:5F:9D:F9:24:15:B7:6D:C1:9E:
D5:4B:26:1B:FC:2F:DF:04:AE:49:27:F8:A5:88:F3:D6:
12:C7:0D:68:02:20:3A:A3:90:A3:B0:22:6B:F6:38:EA:
14:3E:66:7F:9A:57:05:BA:97:1A:BE:65:98:19:37:1F:
88:B0:A5:99:10:9F
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
Timestamp : Apr 23 22:41:00.966 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:0E:98:8D:C4:E8:67:23:CB:37:74:8C:10:
ED:FC:68:77:7E:F1:9E:7F:BD:D8:D6:83:0F:88:99:B9:
E9:0B:AE:1F:02:21:00:8F:19:82:97:CB:01:C0:07:CF:
0F:6E:4C:D4:17:4E:00:24:FD:08:67:EF:42:EE:E6:BC:
E0:AE:58:0E:F2:30:B3

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mta-gw.infomaniak.ch	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of airies.ch