SSL check results of arcor.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for arcor.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 30 Aug 2020 18:56:26 +0000

We can not guarantee a secure connection to the mailservers of arcor.de!

Please contact the operator of arcor.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/arcor.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @arcor.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx002.vodafonemail.xion.oxcs.net
157.97.76.175
10
supported
*.oxcloud-vadesecure.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
14 s
mx001.vodafonemail.xion.oxcs.net
157.97.76.174
10
supported
*.oxcloud-vadesecure.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s
mx004.vodafonemail.xion.oxcs.net
157.97.76.175
Results incomplete
10
supported
not checked
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mx003.vodafonemail.xion.oxcs.net
157.97.76.174
10
supported
*.oxcloud-vadesecure.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
14 s

Outgoing Mails

We have received emails from these servers with @arcor.de sender addresses. Test mail delivery

Host TLS Version & Cipher
vsmx012.vodafonemail.xion.oxcs.net (153.92.174.90)
TLSv1.2 AECDH-AES256-SHA
mx009.vodafonemail.xion.oxcs.net (153.92.174.39)
TLSv1.2 AECDH-AES256-SHA
vsmx011.vodafonemail.xion.oxcs.net (153.92.174.89)
TLSv1.2 AECDH-AES256-SHA
vsmx009.vodafonemail.xion.oxcs.net (153.92.174.87)
TLSv1.2 AECDH-AES256-SHA
mx2a.mailbox.org (80.241.60.219)
TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305

Certificates

First seen at:

CN=*.oxcloud-vadesecure.net,OU=Gandi Standard Wildcard SSL,OU=Domain Control Validated

Certificate chain
Subject
Organizational Unit (OU)
  • Domain Control Validated
  • Gandi Standard Wildcard SSL
Common Name (CN)
  • *.oxcloud-vadesecure.net
Alternative Names
  • *.oxcloud-vadesecure.net
  • oxcloud-vadesecure.net
Issuer
Country (C)
  • FR
State (ST)
  • Paris
Locality (L)
  • Paris
Organization (O)
  • Gandi
Common Name (CN)
  • Gandi Standard SSL CA 2
validity period
Not valid before
2019-08-12
Not valid after
2021-09-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2B:86:D6:69:EE:20:2E:F0:FD:5A:E7:E1:02:73:22:50:7C:5E:49:77:C9:AB:62:87:15:72:05:E6:95:EB:22:84
SHA1
B6:D8:DF:55:2C:6B:5D:3B:53:C1:5E:AC:4F:DB:99:1D:65:8F:B5:86
X509v3 extensions
authorityKeyIdentifier
  • keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
subjectKeyIdentifier
  • 16:DC:53:8D:53:F9:CB:D9:F0:FB:62:09:D8:A1:DD:99:21:B9:B1:6B
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.26
  • CPS: https://cps.usertrust.com
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
  • OCSP - URI:http://ocsp.usertrust.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Aug 12 15:11:56.096 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BC:74:BD:CD:0A:64:1C:12:91:F1:D4:
  • 68:67:77:BC:9B:4A:B2:C3:0E:3B:2E:1B:DC:97:A9:3D:
  • 6E:BD:FF:E5:3F:02:21:00:F2:A0:5D:7B:D4:9F:BB:BD:
  • 34:4F:90:24:16:14:77:23:0D:AC:A8:E0:9C:F7:31:86:
  • 38:77:1B:A0:40:31:79:59
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Aug 12 15:11:56.142 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:63:AC:C1:35:E1:D3:D6:E0:E9:05:45:7A:
  • 39:3D:7A:2C:46:EF:64:54:F6:8F:87:27:C4:E6:02:CD:
  • 9C:11:A1:91:02:20:7D:43:C3:6D:09:5C:C8:00:1B:2F:
  • C5:D3:8C:52:D1:3F:5A:B3:F3:8C:32:81:D6:F2:B8:6F:
  • 0E:D0:E6:0F:B4:D2
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Aug 12 15:11:56.088 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:02:89:81:B0:91:8F:4E:FF:11:7E:F7:90:
  • 04:C4:B2:13:D8:FC:54:41:A6:73:6A:5E:26:BC:D3:5D:
  • BD:BC:23:0A:02:20:3D:91:C4:69:45:0D:A2:9A:14:E3:
  • 92:45:BE:F4:9F:20:B2:40:E3:C2:63:FD:7E:1D:AE:CF:
  • 59:7A:C5:01:39:54