emailn.de - TLS / STARTTLS Test

Discover if the mail servers for emailn.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 17 Jul 2021 22:22:20 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of emailn.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @emailn.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.emailn.de 46.182.21.2	10	supported	*.emailn.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-07-17 6 s

Outgoing Mails

We have received emails from these servers with @emailn.de sender addresses. Test mail delivery

Host	TLS Version & Cipher
mail.emailn.de (46.182.21.2)	TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384	2021-06-16
mail.emailn.de (46.182.20.28)	TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384	2020-07-25

Certificates

First seen at: 2020-06-21

CN=*.emailn.de

Certificate chain

*.emailn.de
- 2022-06-21 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.emailn.de

Alternative Names

*.emailn.de
emailn.de

Issuer

Country (C)

Organization (O)

GlobalSign nv-sa

Common Name (CN)

AlphaSSL CA - SHA256 - G2

validity period

Not valid before: 2020-06-20
Not valid after: 2022-06-21

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 63:D3:13:99:C8:45:63:FB:6A:19:95:FD:0E:AE:BF:91:4F:65:57:F2:DD:01:5F:6C:5B:A2:2A:FB:5C:69:4A:90
SHA1: E9:4C:70:70:0F:37:89:FB:6D:E1:1E:5E:87:C2:17:E8:E1:CA:88:ED

X509v3 extensions

authorityInfoAccess

CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2

certificatePolicies

Policy: 1.3.6.1.4.1.4146.1.10.10
CPS: https://www.globalsign.com/repository/
Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl

authorityKeyIdentifier

keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7

subjectKeyIdentifier

FD:EC:89:64:18:4B:A9:98:9A:6C:34:D4:AE:3D:47:43:80:FC:87:62

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
Timestamp : Jun 20 12:54:09.006 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:2D:C2:7C:0C:69:7B:B6:2D:D0:E2:4A:5F:
53:0F:08:D2:DE:06:75:DE:5E:B4:32:BD:FF:51:16:D1:
3B:92:A9:25:02:20:22:A4:3F:D6:7B:86:E7:89:A5:D6:
F5:9A:13:1A:6A:E2:D3:1F:B9:9A:75:72:2F:4E:31:95:
E4:17:FB:2E:BB:C0
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
Timestamp : Jun 20 12:54:08.933 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:26:10:F8:8B:52:95:05:2B:1B:62:D6:FB:
E8:7C:6B:73:AE:4D:72:DC:65:88:1D:4F:EB:2B:DA:C7:
D8:09:2E:45:02:21:00:E9:1F:CE:45:E2:6B:14:1E:E2:
AA:AA:6F:93:38:E2:04:C7:43:D0:B7:AC:35:69:C6:A6:
18:E4:9C:0B:0F:86:B4
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
Timestamp : Jun 20 12:54:08.975 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:A6:DB:C7:D0:B6:1C:51:F2:BA:2E:7F:
CF:73:CA:2B:3B:DB:99:00:25:85:FA:CA:06:69:33:A8:
AA:B5:A6:40:B8:02:20:66:57:E4:FF:B0:04:F6:EB:61:
6D:CE:6F:25:A5:85:0B:D5:FF:BC:64:EC:37:26:35:6D:
DD:FE:5D:DD:BF:B2:00

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.emailn.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.mail.emailn.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid

SSL check results of emailn.de