paesel-lorei.de - TLS / STARTTLS Test

Discover if the mail servers for paesel-lorei.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 09 Nov 2023 11:11:31 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of paesel-lorei.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @paesel-lorei.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx4.mtaroutes.com 2001:978:2:19::e:100	0	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx4.mtaroutes.com 130.117.54.106	0	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx1.mtaroutes.com 2001:978:2:7::162:100	10	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx1.mtaroutes.com 130.117.54.106	10	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx2.mtaroutes.com 2001:978:2:7::162:100	20	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx2.mtaroutes.com 149.13.75.27	20	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx3.mtaroutes.com 2001:978:2:2c::137:100	30	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s
mx3.mtaroutes.com 130.117.53.188	30	supported	*.antispamcloud.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-11-09 2 s

Outgoing Mails

We have not received any emails from a @paesel-lorei.de address so far. Test mail delivery

Certificates

First seen at: 2022-12-28

CN=*.antispamcloud.com,O=N-ABLE TECHNOLOGIES LTD,L=Dundee,C=GB

Certificate chain

*.antispamcloud.com
- 2024-01-10 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

Locality (L)

Dundee

Organization (O)

N-ABLE TECHNOLOGIES LTD

Common Name (CN)

*.antispamcloud.com

Alternative Names

*.antispamcloud.com
*.spamexperts.com
*.spamexperts.eu
*.spamexperts.net
*.mtaroutes.com
*.smtp.antispamcloud.com

Issuer

Country (C)

Organization (O)

DigiCert Inc

Common Name (CN)

DigiCert TLS RSA SHA256 2020 CA1

validity period

Not valid before: 2022-12-21
Not valid after: 2024-01-10

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: CB:47:C1:02:28:74:22:A3:B7:A3:74:BB:FF:A6:D2:D8:4F:8C:C9:A0:C6:A4:4E:1C:02:4B:D8:34:F9:0C:B7:D6
SHA1: 49:38:BB:6F:E5:F9:22:20:D8:D2:2D:FE:76:E9:85:B7:8F:48:EE:85

X509v3 extensions

authorityKeyIdentifier

keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4

subjectKeyIdentifier

55:A9:FF:78:C4:15:74:A2:05:8A:4E:5C:9E:CA:E6:BF:A9:21:B7:5A

crlDistributionPoints

Full Name:
URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Full Name:
URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

authorityInfoAccess

OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Dec 21 15:40:26.147 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:2B:A4:16:CE:D3:C5:46:88:D7:EC:C4:E7:
F5:8F:BD:C0:3C:9D:25:D6:63:54:68:1B:71:D0:04:68:
08:8B:98:96:02:21:00:D3:B0:ED:FF:3E:B9:5A:54:20:
15:47:C2:0C:59:D5:9C:92:7B:48:98:BC:2F:45:06:EC:
85:15:9D:BF:7F:60:F0
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Dec 21 15:40:26.143 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B4:3F:9E:E8:A3:88:02:53:25:17:FB:
60:4C:51:F8:4C:5A:81:C7:99:1C:D4:2D:B5:FB:9E:65:
77:6D:37:62:7C:02:21:00:9E:0D:40:73:FD:D6:92:F1:
21:6F:65:3C:2B:D5:95:7F:0F:28:E2:AC:EF:26:D8:8A:
94:A7:83:76:C0:D1:E1:EC
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
Timestamp : Dec 21 15:40:26.162 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:A1:DB:F1:15:D1:31:54:63:C9:22:24:
8D:A0:55:0C:F0:B3:23:E3:5F:1E:73:83:FF:BE:A0:67:
CF:E9:52:9E:0F:02:21:00:EB:22:62:BF:80:AF:EA:BA:
F6:A2:F1:89:AE:B3:A3:99:B7:0C:4D:1C:FD:23:5A:17:
CE:D8:57:A6:42:70:F6:55

SSL check results of paesel-lorei.de