martin-seubert.de - TLS / STARTTLS Test

Discover if the mail servers for martin-seubert.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 26 Apr 2024 20:44:01 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of martin-seubert.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @martin-seubert.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail2.hasdf.de 2a01:4f9:c010:afc::1	100	supported	mail2.hasdf.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-04-26 8 s
mail2.hasdf.de 95.216.144.58	100	supported	mail2.hasdf.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-04-26 6 s

Outgoing Mails

We have not received any emails from a @martin-seubert.de address so far. Test mail delivery

Certificates

First seen at: 2024-04-26

CN=mail2.hasdf.de

Certificate chain

mail2.hasdf.de
- 2024-07-05 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mail2.hasdf.de

Alternative Names

autoconfig.fraudunschn.de
autoconfig.hasdf.de
autoconfig.martin-seubert.de
autoconfig.peterseubert.de
autodiscover.fraudunschn.de
autodiscover.hasdf.de
autodiscover.martin-seubert.de
autodiscover.peterseubert.de
mail2.hasdf.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-04-06
Not valid after: 2024-07-05

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: E2:C6:21:43:5C:F7:89:5F:D2:9A:2B:29:67:56:31:E6:60:70:39:6B:92:E0:BD:5D:55:47:D6:BE:95:87:88:AC
SHA1: CC:AC:0F:60:AF:3A:85:73:69:CF:09:65:9E:18:B3:63:A2:E0:BC:C9

X509v3 extensions

subjectKeyIdentifier

35:83:26:57:38:88:4B:CE:F2:0B:CD:82:DF:A6:4D:C0:16:C9:16:43

authorityKeyIdentifier

keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

authorityInfoAccess

OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Apr 6 14:29:41.261 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:93:3F:1D:3B:46:56:DD:FA:AA:51:A0:
CE:37:BF:42:E1:AF:E4:CD:CF:15:7D:53:34:4B:BB:1D:
04:F8:CE:DF:C4:02:20:1A:42:2E:AA:BA:23:48:92:9F:
80:0C:38:5C:56:9E:77:E9:6D:7F:A4:16:63:70:12:BB:
FF:4C:47:11:66:FE:E9
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
Timestamp : Apr 6 14:29:41.285 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:C8:E1:04:52:EE:DA:51:45:30:D9:67:
C3:FF:87:2B:83:37:2E:46:DE:1C:5E:50:6B:78:23:23:
E9:EB:B5:A4:37:02:20:55:BF:50:85:18:63:D2:67:59:
2B:05:05:C5:EB:6C:EC:AF:A0:54:D2:FE:DA:38:24:03:
EE:89:D6:C1:88:71:C2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail2.hasdf.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of martin-seubert.de