SSL check results of diquest.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for diquest.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Fri, 23 Oct 2020 12:00:35 +0000

We can not guarantee a secure connection to the mailservers of diquest.net!

Please contact the operator of diquest.net and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/diquest.net

Servers

Incoming Mails

These servers are responsible for incoming mails to @diquest.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx.junkemailfilter.com
184.105.182.188
10
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
9 s
mx.junkemailfilter.net
184.105.182.41
20
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mx.junkemailfilter.net
184.105.182.40
20
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mx.junkemailfilter.org
184.105.182.229
25
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
38 s
mx.junkemailfilter.org
184.105.182.218
25
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.0
  • SSLv3
11 s
mx.junkemailfilter.org
184.105.182.210
25
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.0
  • SSLv3
31 s
mx.junkemailfilter.org
184.105.182.219
25
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • SSLv3
18 s
mx.junkemailfilter.org
184.105.182.220
Results incomplete
25
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx.junkemailfilter.org
184.105.182.228
25
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • SSLv3
18 s

Outgoing Mails

We have not received any emails from a @diquest.net address so far. Test mail delivery

Certificates

First seen at:

CN=junkemailfilter.com

Certificate chain
Subject
Common Name (CN)
  • junkemailfilter.com
Alternative Names
  • *.junkemailfilter.com
  • junkemailfilter.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-09-08
Not valid after
2020-12-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
43:5D:02:4F:0D:CF:B7:43:AA:37:C0:10:70:87:72:9F:B4:C0:00:8C:19:14:4D:41:38:13:5C:91:93:F9:EC:A2
SHA1
E5:A8:79:18:6C:A0:C1:5F:7F:51:BF:17:2D:34:B6:9C:DC:DB:5F:BB
X509v3 extensions
subjectKeyIdentifier
  • EE:4F:47:AA:8B:80:50:AF:F7:26:87:77:FD:08:C7:B7:F3:5B:C7:2A
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F0:95:A4:59:F2:00:D1:82:40:10:2D:2F:93:88:8E:AD:
  • 4B:FE:1D:47:E3:99:E1:D0:34:A6:B0:A8:AA:8E:B2:73
  • Timestamp : Sep 8 10:37:19.023 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8F:78:C6:B4:48:C6:B4:6A:FB:2C:94:
  • 67:E2:EB:47:2D:C7:4A:4D:E3:78:10:71:F4:83:59:1D:
  • 7E:24:B6:EC:68:02:20:14:27:C2:BC:0A:67:14:35:88:
  • 96:C0:F6:9C:BF:D4:ED:43:04:C9:71:2F:0B:32:7D:F9:
  • D9:36:C8:C8:44:62:15
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 07:B7:5C:1B:E5:7D:68:FF:F1:B0:C6:1D:23:15:C7:BA:
  • E6:57:7C:57:94:B7:6A:EE:BC:61:3A:1A:69:D3:A2:1C
  • Timestamp : Sep 8 10:37:19.069 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:20:5B:29:DE:C9:4A:4E:B6:5A:AB:A0:4A:
  • EA:01:82:B1:97:F4:63:C1:CA:B0:12:B3:D1:EC:68:58:
  • C5:5D:2F:BD:02:21:00:EE:85:E0:BB:F9:8E:F4:EC:42:
  • BA:CA:52:5F:F7:A5:2E:D7:EA:54:43:B8:0A:76:4A:5B:
  • FC:DE:C2:C3:FC:28:01