SSL check results of anonaddy.me

NEW You can also bulk check multiple servers.

Discover if the mail servers for anonaddy.me can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sat, 10 May 2025 14:22:58 +0000

The mailservers of anonaddy.me can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @anonaddy.me addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail2.anonaddy.me
2a04:3544:8000:1000:e8b5:6ff:fe29:56c
5
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail2.anonaddy.me
185.70.196.149
5
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail.anonaddy.me
2a00:c6c0:0:108:3::10
10
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail.anonaddy.me
213.108.105.57
10
supported
anonaddy.me
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @anonaddy.me address so far. Test mail delivery

Certificates

First seen at:

CN=anonaddy.me

Certificate chain
  • anonaddy.me
    • remaining
    • 256 bit
    • ecdsa-with-SHA384

      • E5
        • remaining
        • 384 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • anonaddy.me
Alternative Names
  • *.anonaddy.me
  • anonaddy.me
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E5
validity period
Not valid before
2025-04-08
Not valid after
2025-07-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7D:4E:D1:F5:DB:5A:FD:2B:2D:33:72:28:AF:DC:DB:7E:8E:E3:F3:24:92:CD:26:D2:BC:2F:E1:DF:77:CF:35:C8
SHA1
D0:9F:E3:6A:14:4B:82:71:14:DB:5C:21:1D:71:BF:23:84:A3:26:11
X509v3 extensions
subjectKeyIdentifier
  • 6A:85:37:C0:FF:F1:95:36:C2:97:AF:47:56:66:57:05:A9:D8:BE:F8
authorityKeyIdentifier
  • keyid:9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
authorityInfoAccess
  • OCSP - URI:http://e5.o.lencr.org
  • CA Issuers - URI:http://e5.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e5.c.lencr.org/113.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Apr 8 23:01:13.487 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F1:9B:41:95:B2:56:CC:BC:48:01:DA:
  • 75:66:07:21:FD:33:B5:0A:D9:F9:28:1D:9D:D2:3E:AC:
  • AB:C6:75:0F:D7:02:21:00:98:9C:FF:EA:9A:F1:8F:93:
  • 8F:DA:F0:D8:84:86:05:46:7B:1B:8A:8F:2F:17:8B:CC:
  • 6E:56:3A:7E:D3:8C:26:D4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Apr 8 23:01:13.511 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:98:BC:9B:A0:1D:75:30:3A:18:0A:5C:
  • 42:A0:61:AC:A5:64:64:7B:AE:AA:CD:6F:BA:AF:52:00:
  • 2F:32:DA:90:31:02:20:28:48:5F:A1:02:69:6A:62:CB:
  • 67:9E:40:D0:06:70:EC:8F:B5:E8:16:3E:B1:B0:EE:67:
  • E2:FC:65:42:DA:69:B2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail2.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail2.anonaddy.me
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid