blue-neutrino.com - TLS / STARTTLS Test

Discover if the mail servers for blue-neutrino.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 14 Apr 2025 22:09:31 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of blue-neutrino.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @blue-neutrino.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
xenon.blue-neutrino.com 2a03:4000:32:638::1	10	supported	xenon.blue-neutrino.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-04-14 1 s
xenon.blue-neutrino.com 85.235.65.127	10	supported	xenon.blue-neutrino.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-04-14 1 s

Outgoing Mails

We have not received any emails from a @blue-neutrino.com address so far. Test mail delivery

Certificates

First seen at: 2025-04-14

CN=xenon.blue-neutrino.com

Certificate chain

xenon.blue-neutrino.com
- 2025-07-13 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

xenon.blue-neutrino.com

Alternative Names

mail.blue-neutrino.com
xenon.blue-neutrino.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-04-14
Not valid after: 2025-07-13

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 02:4F:B5:BA:27:45:F6:7E:5F:C2:95:43:53:91:81:33:31:C2:EF:22:A2:28:3D:20:89:E3:F6:3E:B9:21:94:49
SHA1: C7:DF:A5:82:63:5A:8A:34:E1:9C:48:D6:6A:A7:0D:C9:82:CE:F8:52

X509v3 extensions

subjectKeyIdentifier

19:FF:A2:42:74:38:CE:FE:6A:47:D9:E5:80:90:A8:14:86:FC:2C:1C

authorityKeyIdentifier

keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8

authorityInfoAccess

OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r10.c.lencr.org/104.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : Apr 14 21:35:11.596 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:2B:09:24:E0:F5:9C:31:00:62:71:D9:F0:
E7:A5:B1:D8:47:3A:68:44:CA:52:3C:5B:27:02:5C:FD:
77:35:B7:A1:02:20:18:0A:99:07:9B:23:7D:84:8A:59:
E5:F3:D3:EB:23:4D:80:8A:18:BD:79:81:6B:F4:E2:25:
78:26:52:CE:5D:02
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
Timestamp : Apr 14 21:35:12.154 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E4:C3:BB:9E:28:C6:DA:03:CC:29:77:
E3:9E:0D:9B:BA:13:5B:20:6C:CF:AB:41:5D:19:91:45:
87:01:A4:F0:27:02:20:22:D5:B2:5E:17:32:12:77:D2:
B0:2C:BD:FB:33:C3:89:41:0C:6E:36:03:C7:A3:C2:40:
9C:50:08:D0:74:FC:7B

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.xenon.blue-neutrino.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.xenon.blue-neutrino.com	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—

SSL check results of blue-neutrino.com