SSL-Tools

SSL check results of emailn.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for emailn.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 07 May 2026 11:56:10 +0000

The mailservers of emailn.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @emailn.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.emailn.de
178.63.251.174
 10
supported
emg.emailn.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @emailn.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.emailn.de (46.182.21.2)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail.emailn.de (46.182.20.28)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=emg.emailn.de

Certificate chain
  • emg.emailn.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R12
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • emg.emailn.de
Alternative Names
  • emg.emailn.de
  • filter.emailn.de
  • mx1.emailn.de
  • mx1.firemail.de
  • mx1.skymail.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R12
validity period
Not valid before
2026-03-24
Not valid after
2026-06-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
CB:66:13:33:29:64:35:A6:20:D5:23:81:8F:3C:B6:A1:CE:A8:43:A9:2C:8A:4C:0F:F4:23:48:D3:3E:89:BE:CF
SHA1
DF:3D:75:5A:32:77:E2:02:6B:42:A9:0C:E0:04:59:A7:A3:7D:6B:89
X509v3 extensions
subjectKeyIdentifier
  • 95:E3:D9:9A:A9:41:F2:03:5D:BC:DE:67:AD:D5:D3:1F:86:9A:A3:FC
authorityKeyIdentifier
  • keyid:00:B5:29:F2:2D:8E:6F:31:E8:9B:4C:AD:78:3E:FA:DC:E9:0C:D1:D2
authorityInfoAccess
  • CA Issuers - URI:http://r12.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r12.c.lencr.org/118.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
  • 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
  • Timestamp : Mar 24 12:38:45.282 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:75:20:A8:B3:87:2C:30:75:B8:D6:BA:5C:
  • AD:26:3B:A4:BC:78:3B:10:CE:F9:84:80:6B:D5:A1:B4:
  • E4:FE:CC:C2:02:20:2E:FD:64:5B:EF:F2:FA:E2:83:75:
  • 2F:4D:34:6E:49:DC:C4:CB:0A:35:7C:06:87:89:DF:0C:
  • 05:8D:9E:58:34:8C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 71:7E:95:F3:C2:38:8A:6D:B1:E3:84:49:3D:31:E1:5A:
  • A9:62:08:76:2D:42:00:E0:05:0C:D0:67:B5:A6:61:E2
  • Timestamp : Mar 24 12:38:45.407 2026 GMT
  • Extensions: 00:00:05:00:0C:76:C5:1B
  • Signature : ecdsa-with-SHA256
  • 30:44:02:1F:08:F4:04:E6:CD:9A:91:68:67:33:65:B2:
  • 72:78:FC:3F:67:B8:68:3D:DB:DB:A7:2E:1F:56:34:8D:
  • 88:48:85:02:21:00:F5:AD:6F:34:0F:ED:0F:A9:9C:23:
  • 87:3C:D6:E5:5A:9F:BB:4E:0E:81:9F:F1:EC:9D:AD:66:
  • 98:78:61:A5:C8:92

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.emailn.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
error
Debug
valid