SSL-Tools

SSL check results of elmail.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for elmail.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 18 Apr 2023 12:05:13 +0000

The mailservers of elmail.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @elmail.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
gw.elmail.de
83.236.194.22
 10
supported
gw.elmail.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @elmail.de sender addresses. Test mail delivery

Host TLS Version & Cipher
gw.elmail.de (83.236.194.22)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=gw.elmail.de

Certificate chain
Subject
Common Name (CN)
  • gw.elmail.de
Alternative Names
  • gw.elmail.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • RapidSSL TLS RSA CA G1
validity period
Not valid before
2023-03-18
Not valid after
2024-03-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
63:4E:6D:D4:E7:8E:3F:38:A1:B9:64:3D:2D:91:C9:FA:4B:7D:57:2A:49:23:BA:9C:5B:9B:D2:77:EC:89:FF:86
SHA1
8D:57:5E:BE:98:15:A7:D7:31:26:25:46:41:5B:D5:C4:0B:77:68:14
X509v3 extensions
authorityKeyIdentifier
  • keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38
subjectKeyIdentifier
  • 6D:02:09:9D:E5:F4:4F:14:FA:51:36:2E:64:86:1C:49:82:FF:F7:DF
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://status.rapidssl.com
  • CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Mar 18 11:57:24.880 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:1E:0F:CD:A8:4B:E8:1E:49:3C:17:EB:4E:
  • C8:05:57:A9:3A:BB:95:F1:74:94:6A:FE:A0:EA:86:B9:
  • 39:D7:E1:AE:02:21:00:93:52:6B:A3:9B:BC:EC:43:33:
  • 4E:78:D0:7E:1C:4B:94:15:E1:63:68:74:F3:51:D9:36:
  • CF:7F:48:D7:EC:F4:79
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 73:D9:9E:89:1B:4C:96:78:A0:20:7D:47:9D:E6:B2:C6:
  • 1C:D0:51:5E:71:19:2A:8C:6B:80:10:7A:C1:77:72:B5
  • Timestamp : Mar 18 11:57:24.888 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:4E:BA:64:BF:DF:41:8B:AB:4B:79:CE:A8:
  • FB:17:AD:72:21:C9:9B:1C:3D:9B:D5:D8:85:69:31:73:
  • 84:F2:0B:6A:02:20:3A:42:07:7C:53:DC:4A:E8:1C:3F:
  • 7E:99:76:A5:12:3C:1B:BB:59:87:2D:A2:2F:89:33:1D:
  • D0:22:DB:D9:C7:BA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 18 11:57:24.817 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7F:ED:2B:33:C9:AB:E0:FA:B0:88:FA:B5:
  • 4D:48:77:0C:99:37:B9:01:14:4B:BA:2D:62:B4:5C:5A:
  • FF:B5:51:EB:02:21:00:A8:4D:93:C8:2E:5C:06:3B:C5:
  • 1A:A7:DF:AC:8F:CE:3A:78:7E:6D:D6:BB:CE:1C:E0:A3:
  • 17:9A:BD:5B:77:BD:5E

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.gw.elmail.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid