SSL-Tools

SSL check results of emailn.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for emailn.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 28 Apr 2023 15:22:06 +0000

The mailservers of emailn.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @emailn.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.emailn.de
46.182.21.2
 10
supported
*.emailn.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
4 s

Outgoing Mails

We have received emails from these servers with @emailn.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.emailn.de (46.182.21.2)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail.emailn.de (46.182.20.28)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.emailn.de

Certificate chain
Subject
Common Name (CN)
  • *.emailn.de
Alternative Names
  • *.emailn.de
  • emailn.de
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2022-06-20
Not valid after
2023-07-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
88:85:D6:F0:49:D3:F3:1F:13:C4:8D:9A:94:97:41:AC:17:2E:DD:34:46:F6:CB:0E:AD:0E:AF:0A:1E:CB:9D:2B
SHA1
67:76:4E:1D:DE:D7:3A:A0:A1:CF:81:4C:D3:87:1A:E0:8C:EE:07:A3
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • 9A:7C:C8:92:5C:9B:DE:3F:CF:E0:E9:48:F8:1E:03:7F:2E:11:46:D3
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : Jun 20 11:21:28.091 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:04:2D:66:DF:37:94:AD:DC:DC:E1:0B:60:
  • 42:A5:54:6D:38:4A:97:6B:22:1C:01:16:B4:03:63:10:
  • 73:F0:56:53:02:21:00:CD:A2:66:AC:77:1F:AB:93:A9:
  • 4E:77:EA:1D:B4:46:34:00:B0:95:54:94:9C:DC:D8:D9:
  • 9C:85:35:AB:37:E2:0E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Jun 20 11:21:28.081 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1D:84:BB:A9:69:6D:5C:06:94:71:DB:B3:
  • 8E:A8:A2:DB:69:BF:55:6B:0C:C4:FA:2F:43:30:1D:81:
  • C1:30:4E:10:02:20:7F:FC:5A:96:CA:47:CD:17:D3:5A:
  • B1:E3:B3:0A:31:6B:F0:12:58:65:F4:57:B2:DB:02:0F:
  • 05:06:2E:AE:D7:60
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
  • 4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
  • Timestamp : Jun 20 11:21:28.113 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:AD:31:3A:D8:7B:D3:15:58:E9:79:F4:
  • 77:6C:59:60:23:D5:F0:6D:00:DE:3E:69:93:14:FC:8E:
  • 13:42:45:DE:B7:02:21:00:90:AA:26:E8:8F:A4:62:BE:
  • 8E:66:A6:F7:7A:CD:31:3C:5F:1A:B4:89:5F:9C:BA:6E:
  • 98:75:18:08:4C:2A:4D:EE

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.emailn.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.emailn.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid