christian-eyrich.de - TLS / STARTTLS Test

Discover if the mail servers for christian-eyrich.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 19 Feb 2025 01:38:28 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of christian-eyrich.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @christian-eyrich.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx6.eyserver.de 2a03:4000:29:68d:ff64::e10f	10	supported	eyserver.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-02-19 4 s
mx4.eyserver.de 94.16.119.13	10	supported	eyserver.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-02-19 2 s

Outgoing Mails

We have not received any emails from a @christian-eyrich.de address so far. Test mail delivery

Certificates

First seen at: 2025-02-15

CN=eyserver.de

Certificate chain

eyserver.de
- 2025-05-10 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

eyserver.de

Alternative Names

*.eyserver.de
*.local.eyserver.de
eyserver.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-02-09
Not valid after: 2025-05-10

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: E5:D1:16:56:12:B9:15:83:02:8B:18:19:66:22:D4:9B:C3:2A:41:07:BF:35:51:E9:08:4D:7A:13:60:11:52:33
SHA1: A7:F2:F9:4C:11:A8:F6:C3:BB:66:62:E2:88:30:C5:83:49:18:A8:9B

X509v3 extensions

subjectKeyIdentifier

D2:14:9F:3D:D8:3F:AA:30:80:2B:E2:77:EB:33:08:77:1F:9F:7C:20

authorityKeyIdentifier

keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9

authorityInfoAccess

OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Feb 9 19:04:12.377 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:C6:35:C1:C3:87:4B:DA:A1:24:96:1C:
79:CF:59:83:4E:43:91:32:84:2F:31:3D:6D:93:40:E2:
7D:6F:6A:35:61:02:20:63:D7:64:42:34:8B:1D:4A:1C:
03:B5:4E:FA:AC:8E:9B:88:2C:A5:25:11:68:5F:76:14:
56:5C:63:08:14:6C:69
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
Timestamp : Feb 9 19:04:12.608 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:DA:AB:A3:37:3D:8E:B8:1D:D9:8B:EE:
30:E6:05:4B:61:D2:D9:AB:8F:AB:8C:C8:CF:16:A6:07:
F9:EC:3E:37:98:02:20:02:C1:D4:49:2B:DC:48:DB:81:
4E:45:BC:C0:91:A3:80:D9:17:72:83:68:8F:9E:77:66:
56:A6:AE:3D:1C:D6:FF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mx6.eyserver.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.mx6.eyserver.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.mx4.eyserver.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.mx4.eyserver.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of christian-eyrich.de