desay.com - TLS / STARTTLS Test

Discover if the mail servers for desay.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 25 Jul 2025 02:42:41 +0000

Certificates

Problems found
Protocol

Secure
DANE

Missing

We can not guarantee a secure connection to the mailservers of desay.com!

Please contact the operator of desay.com and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/desay.com

Servers

Incoming Mails

These servers are responsible for incoming mails to @desay.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail1.desay.com 119.146.95.182	10	supported	mail.desay.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-07-25 9 s
mx-desay-com-cn.icoremail.net 165.154.206.37 Results incomplete	15	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-25 2 s
mx-desay-com-cn.icoremail.net 101.36.119.118 Results incomplete	15	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-25 1 s
mx-desay-com-cn.icoremail.net 152.32.234.63 Results incomplete	15	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-25 2 s
desay.icoremail.net 101.36.119.118 Results incomplete	20	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-25 3 s
desay.icoremail.net 152.32.185.215 Results incomplete	20	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-25 3 s

Outgoing Mails

We have not received any emails from a @desay.com address so far. Test mail delivery

Certificates

First seen at: 2025-07-25

CN=mail.desay.com

Certificate chain

mail.desay.com
- 2025-10-14 remaining
- 2048 bit
- sha256WithRSAEncryption
- Hostname Mismatch

Subject

Common Name (CN)

mail.desay.com

Alternative Names

mail.desay.com

Issuer

Country (C)

Organization (O)

TrustAsia Technologies, Inc.

Common Name (CN)

TrustAsia DV TLS RSA CA 2025

validity period

Not valid before: 2025-07-17
Not valid after: 2025-10-14

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 52:6F:9C:3B:0B:AE:05:B6:1F:F2:E0:99:58:6A:31:37:E1:2D:3D:3F:54:9B:13:F4:DC:F2:5E:07:A4:05:F8:B2
SHA1: 27:0D:AE:D3:06:70:5B:AF:E0:40:AE:65:46:49:9C:3B:B6:40:1D:31

X509v3 extensions

authorityKeyIdentifier

keyid:B4:12:28:A5:B4:C0:1D:9F:29:71:69:3C:D9:11:96:4A:75:69:50:C0

subjectKeyIdentifier

E3:17:38:93:B8:EB:25:AC:79:4E:C2:30:8E:22:51:8A:89:2A:09:11

certificatePolicies

Policy: 2.23.140.1.2.1
CPS: http://www.digicert.com/CPS

authorityInfoAccess

OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/TrustAsiaDVTLSRSACA2025.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Jul 17 08:41:50.072 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:22:44:37:64:9B:11:CB:0B:A5:CC:E6:50:
75:28:99:DB:C4:86:17:0C:14:3D:69:8C:FF:73:9D:70:
FC:56:A3:DD:02:20:3F:4F:5D:0C:89:2F:B9:AC:FC:2A:
4A:28:18:C7:8C:87:38:ED:51:D7:8B:26:4A:16:FC:1B:
FE:51:E7:2E:6E:9A
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
Timestamp : Jul 17 08:41:50.059 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:0D:46:CE:29:1F:77:31:35:68:7F:6A:1A:
18:F7:CE:93:86:BE:03:49:F3:D3:3F:C7:6F:31:08:26:
EB:45:3C:96:02:20:58:5F:B2:4F:AE:70:19:ED:6B:FD:
5A:A4:9C:AD:B0:63:DB:95:2E:B7:EE:C3:7E:10:18:F8:
7C:37:95:2E:5C:83
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
Timestamp : Jul 17 08:41:50.071 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:28:39:4B:76:95:48:25:61:BA:34:1B:DE:
18:C4:BE:DA:6A:A2:96:49:0C:60:B6:6E:4A:A2:4B:07:
0B:E5:1C:AB:02:21:00:8C:4F:6E:3A:91:62:90:5D:F5:
33:66:5F:6F:7F:C6:5C:C7:91:CC:C8:77:B5:A5:94:0A:
CA:A5:5F:A6:46:F2:E7

SSL check results of desay.com