SSL check results of mail02.allsecur.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail02.allsecur.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Fri, 27 Mar 2020 01:30:31 +0000

The mailservers of mail02.allsecur.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail02.allsecur.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail02.allsecur.de
93.94.134.12
-
supported
*.allsecur.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @mail02.allsecur.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail02.allsecur.de (93.94.134.12)
TLSv1.2 ADH-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.allsecur.de,OU=Domain Control Validated

Certificate chain
Subject
Organizational Unit (OU)
  • Domain Control Validated
Common Name (CN)
  • *.allsecur.de
Alternative Names
  • *.allsecur.de
  • allsecur.de
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • GlobalSign RSA DV SSL CA 2018
validity period
Not valid before
2019-07-24
Not valid after
2021-07-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
A8:F4:8B:1F:C0:39:2C:97:11:B8:58:E7:B8:6C:0A:A9:34:35:16:4C:C4:60:AA:6E:5E:1A:15:C3:52:BE:66:1D
SHA1
7C:03:C2:44:B9:FD:2C:23:9C:DF:9C:D3:68:83:2A:E6:DF:FE:A8:2A
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsrsadvsslca2018.crt
  • OCSP - URI:http://ocsp.globalsign.com/gsrsadvsslca2018
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gsrsadvsslca2018.crl
authorityKeyIdentifier
  • keyid:81:80:D6:28:79:35:4A:5B:79:35:89:39:8F:12:17:6E:11:7B:2C:11
subjectKeyIdentifier
  • D5:CC:68:AE:99:B8:1F:2B:EA:07:4B:73:B9:8E:F8:18:76:27:EE:E3
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
  • 38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
  • Timestamp : Jul 24 13:05:53.518 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:93:80:D7:04:09:13:A2:FE:80:F2:5E:
  • 0D:F4:AD:68:D3:AF:E6:56:84:5D:6B:E5:6E:76:32:B7:
  • CB:74:FD:E3:D0:02:20:4A:37:C4:04:C5:4F:48:C5:3B:
  • 76:8F:2F:C5:62:52:14:26:B0:A0:BD:FC:0D:9A:2E:16:
  • 07:4A:36:54:30:59:4F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Jul 24 13:05:54.242 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:3D:DF:1B:E4:52:D0:A3:CF:2C:36:64:9E:
  • 33:29:E8:8A:DA:24:1D:4C:AE:56:9C:69:EB:FE:5D:EF:
  • 82:07:BF:29:02:20:27:8B:D1:2D:18:78:A5:73:E0:6B:
  • 7F:C5:79:7F:B6:4B:CD:D5:CB:81:7E:E4:CC:F1:0E:E0:
  • 7C:65:41:B2:E5:6E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:C0:95:EE:8D:72:64:0F:92:E3:C3:B9:1B:C7:12:A3:
  • 69:6A:09:7B:4B:6A:1A:14:38:E6:47:B2:CB:ED:C5:F9
  • Timestamp : Jul 24 13:05:54.392 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:DB:20:38:32:88:DA:E1:90:35:AB:F0:
  • E0:18:AF:14:B1:23:50:19:C5:94:7A:61:8E:AE:68:FC:
  • 04:19:7A:1F:73:02:20:2B:5D:0A:3D:64:0C:39:77:C2:
  • 81:D1:2A:E0:F2:70:0A:82:81:0A:DF:24:61:F5:B1:F4:
  • E9:1A:E6:70:1D:2F:27

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail02.allsecur.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid