mail.scuruba.de - TLS / STARTTLS Test

Discover if the mail servers for mail.scuruba.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 05 Dec 2024 01:31:15 +0000

Certificates

Trustworthy
Protocol

Problems found
DANE

Problems found

We can not guarantee a secure connection to the mailservers of mail.scuruba.de!

Please contact the operator of mail.scuruba.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/mail.scuruba.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.scuruba.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.scuruba.de 92.60.36.105	-	supported	mail.scuruba.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-12-04 1 s
mail.scuruba.de 2a03:4000:33:1b3::2 Results incomplete	-	unsupported	not checked	DANE errors PFS not checked Heartbleed not checked Weak ciphers not checked		2024-12-04 1 s

Outgoing Mails

We have not received any emails from a @mail.scuruba.de address so far. Test mail delivery

Certificates

First seen at: 2024-12-03

CN=mail.scuruba.de

Certificate chain

mail.scuruba.de
- 2025-01-09 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mail.scuruba.de

Alternative Names

autoconfig.forstreuter.email
autoconfig.scuruba.de
autodiscover.forstreuter.email
autodiscover.scuruba.de
mail.scuruba.de
mta-sts.scuruba.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-10-11
Not valid after: 2025-01-09

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: AD:4D:21:F7:31:5D:DD:10:4E:46:66:6D:62:92:24:D3:23:C3:D4:82:B6:10:48:61:EB:40:EC:B6:98:2A:85:CE
SHA1: E6:84:22:8E:53:21:18:5C:5A:31:2D:4A:31:39:B7:D1:00:20:5E:AA

X509v3 extensions

subjectKeyIdentifier

05:3F:33:0E:65:AF:95:F5:6D:03:D2:6B:E6:1A:6E:C9:A0:F5:A1:AA

authorityKeyIdentifier

keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8

authorityInfoAccess

OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
Timestamp : Oct 11 19:09:50.316 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:28:BF:18:59:7E:E9:50:BD:FD:AD:F6:FA:
56:5D:4B:E6:F9:52:0A:73:08:84:05:EE:E2:E1:FF:66:
9D:41:86:CC:02:20:66:44:66:68:34:AA:96:77:1D:87:
CE:BB:89:C5:55:EE:DA:34:3E:D4:FD:39:C5:94:05:6B:
B2:B9:99:F9:0E:E3
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
Timestamp : Oct 11 19:09:50.473 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EA:09:85:AC:AE:8F:88:B5:0F:5E:75:
7F:72:26:AC:37:60:45:E7:24:FE:C7:D5:36:24:36:0B:
ED:E8:EB:1E:43:02:20:77:98:B4:27:D9:F3:A8:50:7F:
04:1B:F2:0C:22:0A:0C:DF:0A:B6:6A:B1:58:DA:A7:5D:
23:9B:A8:EA:5C:54:5F

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.scuruba.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of mail.scuruba.de