jbechtel.de - TLS / STARTTLS Test

Discover if the mail servers for jbechtel.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 03 May 2025 00:31:59 +0000

Certificates

Trustworthy
Protocol

Problems found
DANE

Problems found

We can not guarantee a secure connection to the mailservers of jbechtel.de!

Please contact the operator of jbechtel.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/jbechtel.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @jbechtel.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
gt.jbechtel.de 83.171.237.161	5	supported	jbechtel.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers supported SSL_RSA_WITH_RC4_128_SHA	TLSv1.2 ~~SSLv3~~	2025-05-03 1 s
mx.runbox.com 185.226.149.25 Results incomplete	444	supported	not checked	DANE errors PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-05-03 1 s

Outgoing Mails

We have not received any emails from a @jbechtel.de address so far. Test mail delivery

Certificates

First seen at: 2025-04-13

CN=jbechtel.de

Certificate chain

jbechtel.de
- 2025-07-12 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

jbechtel.de

Alternative Names

gt.jbechtel.de
gteethunberg.gt.jbechtel.de
jbechtel.de
test.jbechtel.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-04-13
Not valid after: 2025-07-12

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 43:F0:19:ED:12:E6:D2:A7:82:F7:68:12:2A:CF:0F:CC:A2:77:40:66:59:14:09:F0:BF:0E:B4:6B:02:7A:E5:D0
SHA1: 6F:30:25:71:DD:57:40:F3:1E:C1:9A:24:35:DF:2B:14:BC:88:70:84

X509v3 extensions

subjectKeyIdentifier

0B:EF:98:75:EC:A2:B3:89:5D:D6:AD:9C:4D:23:1A:3B:23:7D:53:38

authorityKeyIdentifier

keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8

authorityInfoAccess

OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r10.c.lencr.org/25.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
Timestamp : Apr 13 18:49:24.184 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:40:DB:87:35:E9:4D:F8:F9:6B:C1:71:A5:
5E:5B:8F:0C:BA:DC:98:C2:2C:69:B6:0A:FA:94:C4:81:
58:9D:6D:09:02:20:35:8C:98:24:43:6D:17:28:AF:C5:
8F:A9:3C:C8:25:CB:EC:96:D3:4C:18:CF:01:ED:AB:3A:
0D:82:70:69:B7:F6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
Timestamp : Apr 13 18:49:24.264 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:4B:77:7E:A0:CA:96:10:4E:94:2C:E2:26:
05:4E:02:05:7F:F2:14:B8:B0:D1:4B:D1:BF:46:92:88:
5C:22:EE:F3:02:20:1B:8C:F5:5D:3D:AA:1F:13:04:03:
19:9E:96:5D:82:45:43:33:71:84:F1:2B:0C:A5:EF:0A:
8C:97:5C:48:85:18

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mx.runbox.com	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—

SSL check results of jbechtel.de