SSL check results of emailn.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for emailn.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 07 Sep 2020 00:29:01 +0000

The mailservers of emailn.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @emailn.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.emailn.de
46.182.21.2
10
supported
*.emailn.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s

Outgoing Mails

We have received emails from these servers with @emailn.de sender addresses. Test mail delivery

Host TLS Version & Cipher
2-21-182-46.nbiserv.com (46.182.21.2)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail.emailn.de (46.182.20.28)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.emailn.de

Certificate chain
Subject
Common Name (CN)
  • *.emailn.de
Alternative Names
  • *.emailn.de
  • emailn.de
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2020-06-20
Not valid after
2022-06-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
63:D3:13:99:C8:45:63:FB:6A:19:95:FD:0E:AE:BF:91:4F:65:57:F2:DD:01:5F:6C:5B:A2:2A:FB:5C:69:4A:90
SHA1
E9:4C:70:70:0F:37:89:FB:6D:E1:1E:5E:87:C2:17:E8:E1:CA:88:ED
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • FD:EC:89:64:18:4B:A9:98:9A:6C:34:D4:AE:3D:47:43:80:FC:87:62
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Jun 20 12:54:09.006 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2D:C2:7C:0C:69:7B:B6:2D:D0:E2:4A:5F:
  • 53:0F:08:D2:DE:06:75:DE:5E:B4:32:BD:FF:51:16:D1:
  • 3B:92:A9:25:02:20:22:A4:3F:D6:7B:86:E7:89:A5:D6:
  • F5:9A:13:1A:6A:E2:D3:1F:B9:9A:75:72:2F:4E:31:95:
  • E4:17:FB:2E:BB:C0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Jun 20 12:54:08.933 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:26:10:F8:8B:52:95:05:2B:1B:62:D6:FB:
  • E8:7C:6B:73:AE:4D:72:DC:65:88:1D:4F:EB:2B:DA:C7:
  • D8:09:2E:45:02:21:00:E9:1F:CE:45:E2:6B:14:1E:E2:
  • AA:AA:6F:93:38:E2:04:C7:43:D0:B7:AC:35:69:C6:A6:
  • 18:E4:9C:0B:0F:86:B4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Jun 20 12:54:08.975 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A6:DB:C7:D0:B6:1C:51:F2:BA:2E:7F:
  • CF:73:CA:2B:3B:DB:99:00:25:85:FA:CA:06:69:33:A8:
  • AA:B5:A6:40:B8:02:20:66:57:E4:FF:B0:04:F6:EB:61:
  • 6D:CE:6F:25:A5:85:0B:D5:FF:BC:64:EC:37:26:35:6D:
  • DD:FE:5D:DD:BF:B2:00

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.emailn.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.emailn.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid