SSL check results of anonaddy.me

NEW You can also bulk check multiple servers.

Discover if the mail servers for anonaddy.me can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 13 Jan 2021 22:48:09 +0000

The mailservers of anonaddy.me can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @anonaddy.me addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.anonaddy.me
2a00:c6c0:0:108:3::10
10
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mail.anonaddy.me
213.108.105.57
10
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s

Outgoing Mails

We have not received any emails from a @anonaddy.me address so far. Test mail delivery

Certificates

First seen at:

CN=anonaddy.me

Certificate chain
  • anonaddy.me
    • remaining
    • 256 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • anonaddy.me
Alternative Names
  • *.anonaddy.me
  • anonaddy.me
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2020-12-25
Not valid after
2021-03-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
DE:B1:98:68:FD:3E:31:31:1C:4C:06:EB:98:48:81:20:C7:A4:79:42:15:C9:91:25:2A:5C:F1:50:69:3E:94:34
SHA1
DF:82:72:32:68:A5:FA:C5:F5:3A:80:90:B8:FB:33:32:D0:59:86:7B
X509v3 extensions
subjectKeyIdentifier
  • 20:E2:BB:8B:19:B0:AC:93:59:06:D0:FA:C2:B7:FD:66:73:B7:2B:94
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Dec 26 00:02:55.083 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:CE:E0:D4:53:2B:BD:D5:62:5B:F3:E0:
  • A2:F5:DC:CA:2C:92:58:1E:E1:64:6C:B0:FC:01:72:3C:
  • BC:E9:A9:EA:75:02:21:00:F8:D6:78:C2:F4:11:3F:5E:
  • D0:01:2E:AE:87:75:13:C2:DF:79:F1:22:0C:56:CF:1F:
  • 6B:59:0A:CF:79:69:82:09
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Dec 26 00:02:55.155 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:19:DC:81:A3:D7:48:61:09:36:A7:F9:0F:
  • 45:A9:AC:C2:9E:55:02:16:6A:42:AC:99:43:62:E0:B7:
  • 9F:76:04:88:02:20:25:FD:33:A5:CE:1D:47:E3:C4:B9:
  • 34:D2:A5:B7:07:B6:41:27:2F:45:8D:B1:58:00:DD:B3:
  • 1B:A2:87:11:EC:44

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid