SSL-Tools

SSL check results of mail.ru

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.ru can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 13 Jul 2021 13:19:30 +0000

The mailservers of mail.ru can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.ru addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mxs.mail.ru
94.100.180.31
 10
supported
*.mail.ru
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s
mxs.mail.ru
94.100.180.104
 10
supported
*.mail.ru
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s

Outgoing Mails

We have received emails from these servers with @mail.ru sender addresses. Test mail delivery

Host TLS Version & Cipher
f319.i.mail.ru (217.69.130.170)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
f422.i.mail.ru (185.5.136.93)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
unknown (46.183.220.24)
Insecure - not encrypted!
unknown (185.180.199.71)
Insecure - not encrypted!
srv03.23553.serviceprovider.de (212.223.35.234)
TLSv1.3 TLS_AES_256_GCM_SHA384
f162.i.mail.ru (128.140.171.250)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.mail.ru,O=LLC Mail.Ru,L=Москва,C=RU

Certificate chain
Subject
Country (C)
  • RU
Locality (L)
  • Москва
Organization (O)
  • LLC Mail.Ru
Common Name (CN)
  • *.mail.ru
Alternative Names
  • *.mail.ru
  • mail.ru
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • GeoTrust RSA CA 2018
validity period
Not valid before
2020-11-13
Not valid after
2021-12-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
C3:B4:21:74:83:97:13:45:4F:4B:B3:31:FF:DE:DD:B9:4D:51:3C:F4:40:36:BE:66:86:7B:89:60:DB:C6:5F:08
SHA1
BD:F7:B9:A6:F8:63:B1:47:5E:A2:A7:63:3B:83:C2:B1:18:E2:7E:72
X509v3 extensions
authorityKeyIdentifier
  • keyid:90:58:FF:B0:9C:75:A8:51:54:77:B1:ED:F2:A3:43:16:38:9E:6C:C5
subjectKeyIdentifier
  • 8A:3F:12:DF:02:FF:E3:29:95:2C:A0:4D:A2:94:00:3E:14:8E:D2:22
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.geotrust.com/GeoTrustRSACA2018.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://status.geotrust.com
  • CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Nov 13 10:16:19.642 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:40:C3:45:29:9C:1A:F6:04:6A:2B:53:EB:
  • AD:6B:E4:07:FE:D0:00:13:3B:97:6F:48:0D:FE:6E:F3:
  • 1A:8D:57:06:02:21:00:B4:6A:C4:CC:7B:8E:AB:BA:70:
  • 89:13:64:F1:ED:62:BD:4B:FB:96:69:F0:AD:7B:D7:17:
  • BF:0E:FB:5B:7B:0B:3E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Nov 13 10:16:19.647 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E0:7E:7B:99:C1:A6:4C:6F:D7:1F:03:
  • 99:56:63:EC:D7:CD:F1:0B:DB:5D:D3:6E:EA:56:34:E4:
  • 06:A6:3A:AC:35:02:20:6F:4B:61:51:30:AA:67:66:6B:
  • 76:B2:4F:73:FE:10:1A:AF:1C:2B:63:A1:81:13:CA:A3:
  • 2E:AF:78:03:12:70:1B