SSL-Tools

SSL check results of metalabs.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for metalabs.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 16 Feb 2026 13:45:43 +0000

The mailservers of metalabs.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @metalabs.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.metalabs.de
2a01:4f8:242:1fa7:cafe::110
 5
supported
mail.metalabs.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
mail.metalabs.de
138.201.44.110
 5
supported
mail.metalabs.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @metalabs.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.metalabs.de

Certificate chain
  • mail.metalabs.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.metalabs.de
Alternative Names
  • imap.metalabs.de
  • mail.metalabs.de
  • smtp.metalabs.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-01-24
Not valid after
2026-04-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
77:D5:9F:D2:B3:FF:B6:E1:03:DF:42:6B:42:40:20:6C:77:59:E4:22:A6:0E:7A:E6:F9:6D:E6:87:1B:19:99:6F
SHA1
75:AC:E7:A5:F8:C3:F7:63:6C:05:97:46:D5:59:57:78:60:3B:7F:D0
X509v3 extensions
subjectKeyIdentifier
  • E6:5C:0C:46:A4:8C:19:16:38:1B:64:79:FB:44:6A:D6:90:59:50:5A
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/2.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
  • 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
  • Timestamp : Jan 24 07:25:15.060 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C2:C8:84:20:28:47:57:7C:34:5D:61:
  • CF:51:4D:D0:50:2F:CA:FF:23:31:09:AC:93:C9:A5:78:
  • BA:D8:C0:4F:6F:02:20:54:C8:A7:D6:DD:C8:25:02:DA:
  • D3:95:8C:D1:54:AD:8C:A2:F3:BE:9B:C7:83:DB:00:AC:
  • 6C:A1:D3:E9:DC:C9:42
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A5:C9:78:92:5D:57:46:17:82:87:0D:D8:89:66:0B:5C:
  • 55:64:8B:7D:00:40:F2:EC:07:68:51:D1:88:69:19:F7
  • Timestamp : Jan 24 07:25:15.830 2026 GMT
  • Extensions: 00:00:05:00:2F:E8:FF:C0
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:54:69:26:49:4B:B4:01:51:BA:1C:F2:DB:
  • 8F:2C:EC:7B:6F:95:F0:F1:7D:D3:3F:58:75:6D:69:87:
  • 5B:35:88:98:02:20:7E:96:51:85:32:5B:3F:CA:50:5A:
  • ED:16:B7:FE:C9:86:67:62:97:97:EB:46:B1:8C:D1:CD:
  • 4C:4C:35:AB:C8:80

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.metalabs.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid