las.int - TLS / STARTTLS Test

Discover if the mail servers for las.int can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 30 May 2020 10:17:10 +0000

Certificates

Problems found
Protocol

Secure
DANE

Missing

The mailservers of las.int can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @las.int addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.las.int 163.121.143.52	10	supported	LAS-MAIL-N01	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-05-30 4 s

Outgoing Mails

We have not received any emails from a @las.int address so far. Test mail delivery

Certificates

First seen at: 2020-05-30

CN=LAS-MAIL-N01

Certificate chain

LAS-MAIL-N01 (Certificate is self-signed.)
- 2025-03-19 remaining
- 2048 bit
- sha1WithRSAEncryption
- Hostname Mismatch
- Unknown Authority

Subject

Common Name (CN)

LAS-MAIL-N01

Alternative Names

LAS-MAIL-N01
LAS-MAIL-N01.las.org

Issuer

Certificate is self-signed.

validity period

Not valid before: 2020-03-19
Not valid after: 2025-03-19

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication

Fingerprints

SHA256: BB:7B:19:C8:45:FA:BB:F1:FA:E4:0F:A4:EE:58:79:93:96:0F:5B:6B:0E:2A:65:8E:54:17:49:FE:28:81:42:2B
SHA1: 43:8A:3C:E8:CE:6B:0E:29:F9:B5:78:DD:43:AC:D9:90:89:B2:44:37

SSL check results of las.int