SSL check results of netcologne.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for netcologne.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 12 Dec 2018 13:12:14 +0000

We can not guarantee a secure connection to the mailservers of netcologne.de!

Please contact the operator of netcologne.de and ask him or her to solve this problem. This result stays accessible under the following address:

https://ssl-tools.net/mailservers/netcologne.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @netcologne.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
cc-mx2.netcologne.de
2001:4dd0:100:1062:25:3::2
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx2.netcologne.de
89.1.8.142
10
supported
cc-mx1.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
cc-mx3.netcologne.de
2001:4dd0:100:1062:25:3::3
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx3.netcologne.de
89.1.8.143
10
supported
cc-mx1.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
cc-mx1.netcologne.de
2001:4dd0:100:1062:25:3::1
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx1.netcologne.de
89.1.8.141
10
supported
cc-mx1.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
cc-mx4.netcologne.de
2001:4dd0:100:1062:25:3::4
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx4.netcologne.de
89.1.8.144
10
supported
cc-mx1.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @netcologne.de sender addresses. Test mail delivery

Host TLS Version & Cipher
cc-smtpout2.netcologne.de (89.1.8.212)
TLSv1.2 ADH-AES256-GCM-SHA384
cc-smtpout2.netcologne.de (IPv6:2001:4dd0:100:1062:25:2:0:2)
TLSv1.2 AECDH-AES256-SHA

Certificates

First seen at:

CN=cc-mx1.netcologne.de,O=NetCologne Ges. fuer Telekommunikation mbH,L=Koeln,ST=Nordrhein-Westfalen,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Nordrhein-Westfalen
Locality (L)
  • Koeln
Organization (O)
  • NetCologne Ges. fuer Telekommunikation mbH
Common Name (CN)
  • cc-mx1.netcologne.de
Alternative Names
  • cc-mx4.netcologne.de
  • dmx2.netcologne.de
  • cc-mx2.netcologne.de
  • cc-mx3.netcologne.de
  • dmx1.netcologne.de
  • cc-mx1.netcologne.de
Issuer
Country (C)
  • US
Organization (O)
  • GeoTrust Inc.
Common Name (CN)
  • GeoTrust SHA256 SSL CA
validity period
Not valid before
2017-10-07
Not valid after
2019-11-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2A:2C:E5:B2:14:37:CD:B8:20:84:C9:C3:B0:F4:48:43:8A:05:ED:10:F6:F6:D4:72:7A:1E:CC:E0:E5:72:18:5D
SHA1
DC:44:BF:A5:98:25:C6:C0:31:4C:DE:5E:6F:D2:61:10:68:DE:4B:09
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://gj.symcb.com/gj.crl
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: https://www.geotrust.com/resources/repository/legal
  • User Notice:
  • Explicit Text: https://www.geotrust.com/resources/repository/legal
authorityKeyIdentifier
  • keyid:14:67:8E:ED:83:4F:D6:1E:9D:40:04:0C:04:46:A1:70:34:B2:0F:72
authorityInfoAccess
  • OCSP - URI:http://gj.symcd.com
  • CA Issuers - URI:http://gj.symcb.com/gj.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:EB:1D:2B:7A:0D:4F:A6:20:8B:81:AD:81:68:70:7E:
  • 2E:8E:9D:01:D5:5C:88:8D:3D:11:C4:CD:B6:EC:BE:CC
  • Timestamp : Oct 7 11:35:02.064 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F8:C8:F3:C7:A6:9A:B1:38:42:9B:13:
  • D0:E0:BA:3E:B5:60:F9:C1:0A:89:35:D6:FE:C0:18:49:
  • F5:AD:B1:32:F4:02:21:00:F2:39:74:AD:5D:92:45:1E:
  • 6D:5B:B7:93:EF:1A:8F:39:E1:E5:67:D6:6E:F2:F2:6C:
  • 7F:76:AE:B5:69:43:35:F3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Oct 7 11:35:02.122 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8F:A7:95:A8:0F:14:0B:99:A6:34:A8:
  • D4:82:14:63:E7:4F:AE:4C:93:35:87:9A:32:6F:84:CA:
  • 4A:C4:5B:A1:03:02:21:00:C1:D4:69:5A:2B:49:FE:E1:
  • 6C:5F:62:A5:9D:DF:D8:E9:05:6B:10:A9:86:83:E0:29:
  • 82:AF:B2:89:AD:71:D1:B3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Oct 7 11:35:02.575 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:CB:50:FE:98:CE:74:DE:12:14:B3:4A:
  • 37:74:8A:EF:57:A2:68:DF:E7:EC:8F:43:7C:8F:FE:06:
  • BF:27:58:46:38:02:21:00:97:BA:C9:D2:32:C1:A6:26:
  • 39:CC:FA:AF:0C:08:60:0B:7B:2D:2B:6D:8A:2F:B9:38:
  • E0:09:08:80:67:26:B5:65