mail.srvfarm.net - TLS / STARTTLS Test

Discover if the mail servers for mail.srvfarm.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 23 Apr 2024 08:08:18 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of mail.srvfarm.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.srvfarm.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.srvfarm.net 2a06:9500:7:12:f816:3eff:fee3:c534	10	supported	mail.srvfarm.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-23 2 s
mail.srvfarm.net 185.118.197.126	10	supported	mail.srvfarm.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-04-23 2 s

Outgoing Mails

We have not received any emails from a @mail.srvfarm.net address so far. Test mail delivery

Certificates

First seen at: 2024-04-23

CN=mail.srvfarm.net

Certificate chain

mail.srvfarm.net
- 2024-06-21 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mail.srvfarm.net

Alternative Names

mail.srvfarm.net

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-03-23
Not valid after: 2024-06-21

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: A6:7B:72:63:59:B3:1A:28:5A:12:30:A1:45:91:29:21:FD:1D:C2:CA:4C:D0:BD:D4:61:79:D7:41:BA:3F:CA:84
SHA1: 98:2B:BA:61:45:BB:95:4C:E2:A2:4F:54:81:D3:E4:62:46:81:43:85

X509v3 extensions

subjectKeyIdentifier

3B:FE:D1:F6:1A:58:49:37:9E:34:70:9B:F7:1D:86:03:14:EB:E5:4A

authorityKeyIdentifier

keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

authorityInfoAccess

OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Mar 23 21:08:01.868 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EA:E4:AD:21:B4:8D:09:E3:2F:42:AC:
32:C6:E7:82:C1:2E:83:E8:DB:6B:72:25:4B:88:36:DD:
0A:D5:FB:EB:B4:02:20:55:4D:E7:BE:7C:D4:71:F7:CF:
64:6B:81:B7:33:29:CF:BA:C9:C9:85:92:60:5F:8E:86:
CD:73:CD:2E:1B:85:9B
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
Timestamp : Mar 23 21:08:01.920 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:6D:CE:A8:0F:9D:16:7E:74:16:CD:C9:2D:
04:50:F9:07:56:DF:51:4A:57:BF:05:DA:CA:6C:D9:2D:
53:F7:E9:2B:02:20:3D:AB:DE:12:12:2F:3A:23:E6:90:
9E:00:6D:73:CD:2E:A2:2E:26:C0:9A:A5:48:E3:E7:AA:
99:36:A0:B3:F0:C5

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.srvfarm.net	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.mail.srvfarm.net	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.mail.srvfarm.net	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid
_25._tcp.mail.srvfarm.net	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—

SSL check results of mail.srvfarm.net