SSL check results of maquena.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for maquena.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 06 Dec 2018 19:46:56 +0000

The mailservers of maquena.org can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @maquena.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.maquena.org
94.16.121.124
0
supported
mail.maquena.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11 s

Outgoing Mails

We have received emails from these servers with @maquena.org sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.maquena.org (94.16.121.124)
Insecure - not encrypted!

Certificates

First seen at:

CN=mail.maquena.org

Certificate chain
Subject
Common Name (CN)
  • mail.maquena.org
Alternative Names
  • imap.maquena.org
  • mail.maquena.org
  • smtp.maquena.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2018-12-05
Not valid after
2019-03-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
04:35:6B:CE:E7:94:80:5F:21:59:6C:44:D6:46:59:84:11:D3:6B:08:07:9A:DD:B2:91:0F:E4:6C:A7:21:0B:97
SHA1
37:6F:C8:C2:79:8F:34:88:9B:69:A4:36:64:41:47:22:71:9A:6F:2F
X509v3 extensions
subjectKeyIdentifier
  • 52:27:28:0B:D5:FC:F5:3B:85:21:B9:5E:09:2D:59:40:43:80:C0:C8
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E2:69:4B:AE:26:E8:E9:40:09:E8:86:1B:B6:3B:83:D4:
  • 3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
  • Timestamp : Dec 5 08:27:17.285 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:96:78:F7:11:4D:67:2B:94:7A:9C:6F:
  • DA:62:03:0F:06:7D:DA:FC:AD:F3:45:CC:D6:36:5C:AC:
  • 09:92:23:72:56:02:21:00:EC:C6:6A:2D:46:9A:EE:CF:
  • 6B:73:67:FE:FD:22:99:FB:47:52:94:EF:22:55:C0:2E:
  • 86:8B:29:75:AF:C7:3D:A1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 63:F2:DB:CD:E8:3B:CC:2C:CF:0B:72:84:27:57:6B:33:
  • A4:8D:61:77:8F:BD:75:A6:38:B1:C7:68:54:4B:D8:8D
  • Timestamp : Dec 5 08:27:17.284 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:50:B8:49:F9:11:0C:17:3B:DF:CD:E4:54:
  • 53:B9:07:7B:AF:31:99:8A:2C:10:AC:D1:3F:B9:65:27:
  • 8A:89:0E:1C:02:20:6C:77:38:A5:8A:A5:55:E5:E0:CD:
  • 43:93:28:DB:1E:5E:11:AC:93:A8:A7:95:5D:14:0F:62:
  • BC:5C:56:9A:1B:D2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.maquena.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid