dan-nelson.net - TLS / STARTTLS Test

Discover if the mail servers for dan-nelson.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 16 Apr 2024 23:37:40 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of dan-nelson.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @dan-nelson.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
in1-smtp.messagingengine.com 103.168.172.220	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 13 s
in1-smtp.messagingengine.com 103.168.172.217	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 12 s
in1-smtp.messagingengine.com 103.168.172.221	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 12 s
in1-smtp.messagingengine.com 103.168.172.219	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 12 s
in1-smtp.messagingengine.com 103.168.172.216	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 12 s
in1-smtp.messagingengine.com 103.168.172.218	10	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 12 s
in2-smtp.messagingengine.com 64.147.123.52	20	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 14 s
in2-smtp.messagingengine.com 64.147.123.51	20	supported	*.messagingengine.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-16 14 s

Outgoing Mails

We have not received any emails from a @dan-nelson.net address so far. Test mail delivery

Certificates

First seen at: 2024-03-15

CN=*.messagingengine.com,O=FastMail Pty Ltd,L=Melbourne,ST=Victoria,C=AU

Certificate chain

*.messagingengine.com
- 2025-03-15 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

Victoria

Locality (L)

Melbourne

Organization (O)

FastMail Pty Ltd

Common Name (CN)

*.messagingengine.com

Alternative Names

*.messagingengine.com
messagingengine.com
mail.messagingengine.com
dav.messagingengine.com
caldav.messagingengine.com
carddav.messagingengine.com

Issuer

Country (C)

Organization (O)

DigiCert Inc

Common Name (CN)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

validity period

Not valid before: 2024-02-22
Not valid after: 2025-03-15

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: FE:D6:1F:CD:91:73:EB:35:77:64:8F:A8:FA:21:5C:AF:15:79:FF:3F:CC:70:C5:2D:AA:02:BB:2D:F1:B2:B4:FF
SHA1: 10:98:18:10:B7:91:4B:D2:6D:71:A8:9D:F9:F0:59:40:09:4C:77:AE

X509v3 extensions

authorityKeyIdentifier

keyid:74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17

subjectKeyIdentifier

89:10:FD:AE:C1:6F:89:81:FE:74:8C:EF:92:9C:53:70:7D:E4:77:D8

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

crlDistributionPoints

Full Name:
URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Full Name:
URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

authorityInfoAccess

OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Feb 22 05:46:58.456 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:15:80:FE:9C:75:15:E6:E6:40:21:49:B8:
EA:CD:0F:2B:2D:15:D1:96:59:2D:81:1A:E8:C3:71:5F:
4E:B2:A2:DB:02:20:69:2C:50:BF:80:0B:10:8D:7D:D7:
60:8C:B1:55:20:07:05:23:29:BE:CD:9E:CB:34:58:F2:
EB:D9:2E:02:BC:50
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
Timestamp : Feb 22 05:46:58.496 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:5C:B1:89:76:76:55:7F:8A:2A:D1:07:05:
48:77:79:38:8F:05:03:4C:38:E6:32:80:C9:66:BE:A1:
2A:82:EC:B6:02:21:00:E0:67:6A:41:0D:6C:52:C5:95:
F5:27:F3:1A:5D:7A:D3:F7:E9:01:24:79:A1:21:B6:B6:
20:65:1F:1D:4D:4B:A4
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Feb 22 05:46:58.326 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:51:3E:D6:2D:A2:E6:5D:86:60:B1:A6:91:
39:35:88:E4:0F:21:B5:C9:55:76:5C:29:6D:E0:53:57:
98:E4:2B:41:02:21:00:C3:EC:C8:87:57:BD:D6:8F:73:
A8:6D:4D:7C:E1:FF:30:AC:C1:05:CF:BC:C9:92:C9:2C:
C1:2B:75:DB:9E:9E:A6

SSL check results of dan-nelson.net