Discover if the mail servers for jaba.cz can be reached through a secure connection.
To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.
Report created Thu, 25 Nov 2021 01:39:56 +0000
However, we found problems that may affect the security.
These servers are responsible for incoming mails to @jaba.cz addresses.
Hostname / IP address | Priority | STARTTLS | Certificates | Protocol | ||
---|---|---|---|---|---|---|
tlsa1.jaba.cz
87.236.194.107
|
1 |
supported
|
tlsa1.jaba.cz |
|
1 s
|
|
tlsa2.jaba.cz
89.187.140.193
|
2 |
supported
|
tlsa2.jaba.cz |
|
62 s
|
|
mail.jaba.cz
87.236.194.103
|
10 |
supported
|
mail.jaba.cz |
|
12 s
|
|
mail2.jaba.cz
89.187.140.195
|
20 |
supported
|
WMSvc-SHA2-EXCH2016A |
|
72 s
|
We have not received any emails from a @jaba.cz address so far. Test mail delivery
Certificate is self-signed.
Certificate is self-signed.
DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.
Name | Options | DNSSEC | Matches |
---|---|---|---|
_25._tcp.tlsa2.jaba.cz |
|
valid
|
valid
|
_25._tcp.tlsa2.jaba.cz |
|
valid
|
— |
_25._tcp.tlsa1.jaba.cz |
|
valid
|
— |
_25._tcp.tlsa1.jaba.cz |
|
valid
|
valid
|