SSL check results of emailn.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for emailn.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 13 Jan 2025 23:14:49 +0000

The mailservers of emailn.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @emailn.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.emailn.de
46.182.21.2
10
supported
*.emailn.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have received emails from these servers with @emailn.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.emailn.de (46.182.21.2)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail.emailn.de (46.182.20.28)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.emailn.de

Certificate chain
Subject
Common Name (CN)
  • *.emailn.de
Alternative Names
  • *.emailn.de
  • emailn.de
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • GlobalSign GCC R6 AlphaSSL CA 2023
validity period
Not valid before
2024-07-30
Not valid after
2025-08-31
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AF:0D:84:5A:9E:BE:5B:ED:D0:EF:A9:35:5D:55:D7:CE:1D:39:9E:8D:94:30:32:15:6E:CA:EF:D3:6A:D2:58:FC
SHA1
C9:C0:1E:5C:83:07:0A:73:DE:7B:AC:78:E3:94:09:F7:DD:5F:3B:20
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr6alphasslca2023.crt
  • OCSP - URI:http://ocsp.globalsign.com/gsgccr6alphasslca2023
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.4146.10.1.3
  • CPS: https://www.globalsign.com/repository/
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gsgccr6alphasslca2023.crl
authorityKeyIdentifier
  • keyid:BD:05:B7:F3:8A:93:3C:73:CB:79:FA:0F:85:12:A1:77:96:18:91:74
subjectKeyIdentifier
  • 7C:18:EA:6C:AB:B3:92:A1:C9:14:97:D5:93:45:8A:91:2E:C5:90:5B
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
  • BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
  • Timestamp : Jul 30 09:01:44.512 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:12:32:C6:9E:70:35:E0:2D:DC:D8:D4:52:
  • AB:2E:08:BA:F4:45:55:22:FB:BC:8E:5C:24:72:A4:F6:
  • 5A:EC:F4:71:02:21:00:EF:96:EE:B4:76:77:AF:DB:8C:
  • 4C:7C:22:D9:BC:DE:D8:BC:21:44:9E:91:2E:A7:BA:BC:
  • 00:E3:48:B5:B3:90:06
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Jul 30 09:01:44.492 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:07:A2:B2:CC:E7:8A:9E:AF:E2:AA:FC:5F:
  • 3A:11:45:99:C9:E0:2C:1A:DF:CD:E3:D7:56:88:FD:40:
  • 84:7A:32:EF:02:21:00:89:52:3F:77:06:2C:14:F0:68:
  • 5B:A9:25:19:8B:EA:A9:32:F1:12:C2:4D:9C:20:63:8F:
  • 79:AD:36:01:96:34:5E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Jul 30 09:01:44.529 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:94:8D:A5:FA:36:35:FB:A2:33:A6:95:
  • B1:3A:33:1E:80:D2:CF:1C:96:05:71:8B:E6:85:32:82:
  • A2:76:A6:6A:BF:02:20:25:B9:56:7C:2F:F1:5A:1B:BF:
  • 39:CD:EF:AE:A5:13:8D:13:D1:16:D5:4B:69:D2:61:E5:
  • 2A:CD:8A:16:67:B2:45

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.emailn.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-512 Hash
valid
valid
_25._tcp.mail.emailn.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.emailn.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
valid
_25._tcp.mail.emailn.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid