SSL check results of mvi.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for mvi.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 18 Nov 2018 23:04:06 +0000

The mailservers of mvi.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mvi.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.mvi.de
212.18.14.164
10
supported
mail.mvi.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s
mail2.mvi.de
82.165.102.143
100
supported
mail.mvi.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11 s

Outgoing Mails

We have received emails from these servers with @mvi.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mailout.mvi.de (212.18.14.162)
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

Certificates

First seen at:

CN=mail.mvi.de

Certificate chain
Subject
Common Name (CN)
  • mail.mvi.de
Alternative Names
  • mail2.mvi.de
  • mail.mvi.de
Issuer
Country (C)
  • US
Organization (O)
  • GeoTrust Inc.
Organizational Unit (OU)
  • Domain Validated SSL
Common Name (CN)
  • GeoTrust DV SSL SHA256 CA
validity period
Not valid before
2017-11-13
Not valid after
2021-01-11
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2C:85:B9:AD:33:1C:9D:68:31:68:7F:3C:B7:85:5C:74:94:0B:1A:49:2D:54:6F:F1:39:F1:FC:F8:CB:A4:17:89
SHA1
18:2D:66:7A:58:F6:66:D7:54:AB:46:A2:10:08:C1:6E:08:EE:9A:29
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://gr.symcb.com/gr.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: https://www.geotrust.com/resources/repository/legal
  • User Notice:
  • Explicit Text: https://www.geotrust.com/resources/repository/legal
authorityKeyIdentifier
  • keyid:49:EC:A7:C8:A9:F7:C5:BB:2C:AA:24:E7:F4:43:B3:B1:3C:E8:54:F8
authorityInfoAccess
  • OCSP - URI:http://gr.symcd.com
  • CA Issuers - URI:http://gr.symcb.com/gr.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:EB:1D:2B:7A:0D:4F:A6:20:8B:81:AD:81:68:70:7E:
  • 2E:8E:9D:01:D5:5C:88:8D:3D:11:C4:CD:B6:EC:BE:CC
  • Timestamp : Nov 13 16:55:08.087 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:54:AB:FE:99:C9:9E:CD:6B:0B:4C:C4:AC:
  • C0:F0:8D:A0:9E:FA:3D:35:03:C8:B8:73:EE:6A:F9:FA:
  • AE:8F:11:67:02:21:00:DB:C8:C8:F7:CB:55:18:DB:66:
  • 47:08:8B:FF:0A:63:95:48:0B:70:FC:F1:56:7C:B3:55:
  • 3A:48:B3:A3:7F:2A:3E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Nov 13 16:55:08.140 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CF:F8:AB:09:FF:E4:E6:9B:24:2C:43:
  • C3:8D:CB:86:0E:58:18:84:A9:51:90:52:0E:CF:37:AD:
  • 11:65:FE:B6:1A:02:20:79:20:1E:10:D6:04:58:BA:7B:
  • 9E:C6:2F:C1:66:B1:02:E0:D3:FD:E3:51:70:36:8F:46:
  • 93:15:EE:12:CC:1E:57
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Nov 13 16:55:08.626 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2B:8F:77:14:3A:EA:C0:EC:35:C6:E5:C1:
  • 90:AB:6E:5F:BD:38:98:FE:E0:7F:0D:4D:1D:D5:11:9B:
  • 3B:B2:F9:81:02:21:00:EC:8B:9A:BB:4E:33:D6:F2:39:
  • 3B:EA:13:B4:CB:76:34:5B:B2:3E:8F:15:3D:4A:83:13:
  • 60:72:E7:58:53:92:D7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BC:78:E1:DF:C5:F6:3C:68:46:49:33:4D:A1:0F:A1:5F:
  • 09:79:69:20:09:C0:81:B4:F3:F6:91:7F:3E:D9:B8:A5
  • Timestamp : Nov 13 16:55:08.277 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2A:F9:49:58:A4:8F:26:66:34:F0:C4:92:
  • D5:F7:AD:06:26:BE:C7:81:AE:FF:76:F3:30:D4:3D:AA:
  • AC:C7:39:17:02:20:22:11:3E:0B:29:B1:DE:D2:07:17:
  • BF:E6:93:17:09:44:BF:40:00:36:87:A4:00:97:C9:89:
  • AC:F0:AA:09:E4:A3

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail2.mvi.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mail.mvi.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid