SSL check results of peterjin.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for peterjin.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 12 Jan 2021 06:13:36 +0000

We can not guarantee a secure connection to the mailservers of peterjin.org!

Please contact the operator of peterjin.org and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/peterjin.org

Servers

Incoming Mails

These servers are responsible for incoming mails to @peterjin.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.srv.peterjin.org
2602:806:a000:8000::25
Results incomplete
1
unsupported
not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mx1.srv.peterjin.org
23.161.208.241
1
supported
mx1.srv.peterjin.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
7 s
apps-vm8.srv.peterjin.org
2600:3c03::f03c:92ff:fe5e:331f
5
supported
apps-vm8.srv.peterjin.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
6 s
apps-vm8.srv.peterjin.org
172.104.25.121
5
supported
apps-vm8.srv.peterjin.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s

Outgoing Mails

We have received emails from these servers with @peterjin.org sender addresses. Test mail delivery

Host TLS Version & Cipher
mail1-2.rdns.peterjin.org (IPv6:2602:806:a000:8000::152)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail1-4.rdns.peterjin.org (IPv6:2602:806:a000:8000::154)
TLSv1.3 TLS_AES_256_GCM_SHA384
sodium.ptable.misc.peterjin.org (IPv6:2602:806:a003:40e::1869:11)
TLSv1.3 TLS_AES_256_GCM_SHA384
my-bonnie-lies-over-the-ocean-60.misc.peterjin.org (IPv6:2602:806:a003:40e::b077:1e60)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail1-11.rdns.peterjin.org (IPv6:2602:806:a000:8000::15b)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail1-10.rdns.peterjin.org (IPv6:2602:806:a000:8000::15a)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail1-3.rdns.peterjin.org (IPv6:2602:806:a000:8000::153)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail1-0.rdns.peterjin.org (23.161.208.0)
TLSv1.3 TLS_AES_256_GCM_SHA384
vm6-superhost-8.srv.peterjin.org (IPv6:2602:806:a000:8000::8)
TLSv1.3 TLS_AES_256_GCM_SHA384
unknown (IPv6:2001:19f0:5c01:1bd1:5400:1ff:fee0:bc66)
TLSv1.3 TLS_AES_256_GCM_SHA384
mail-mw2nam10on2120.outbound.protection.outlook.com (40.107.94.120)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=mx1.srv.peterjin.org

Certificate chain
  • mx1.srv.peterjin.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • mx1.srv.peterjin.org
Alternative Names
  • m-i6t-fallback.srv.peterjin.org
  • m-i6t.srv.peterjin.org
  • mx1.peterjin.org
  • mx1.srv.peterjin.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2020-12-16
Not valid after
2021-03-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D2:44:CB:77:BB:6A:9A:19:93:DA:69:41:D8:A1:5D:13:BE:48:A4:00:43:7A:38:E3:18:0C:71:00:B5:4C:03:5D
SHA1
34:7A:1C:A8:83:43:C6:3F:C0:18:1F:0A:36:FD:02:4D:2D:3D:67:9C
X509v3 extensions
subjectKeyIdentifier
  • 1E:D0:5A:56:F6:B4:1F:A6:FB:B1:D4:C6:91:FB:15:2C:45:2F:12:4D
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Dec 16 10:11:10.942 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2F:48:D0:D1:59:66:78:6F:0B:65:D4:21:
  • 49:76:67:29:DF:BE:F2:74:97:A7:DC:A9:21:80:38:25:
  • FF:38:FA:7B:02:21:00:AF:2F:E9:18:34:A5:1C:C6:32:
  • 49:76:E3:68:9F:AC:E2:AF:84:93:A0:E3:B1:17:D8:8F:
  • FF:77:B5:38:65:95:F1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Dec 16 10:11:10.930 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:91:AF:8B:CD:26:84:17:14:3A:7F:AC:
  • AF:70:00:64:5B:C0:4C:60:A7:F2:72:B0:74:55:57:D8:
  • 8A:99:34:8B:58:02:21:00:DD:34:DB:A3:C3:4C:26:C5:
  • F2:2F:FB:0D:59:40:C0:4E:DF:8C:A0:11:B6:9F:7B:01:
  • 96:5B:16:45:D5:FF:4E:EF
First seen at:

CN=apps-vm8.srv.peterjin.org

Certificate chain
  • apps-vm8.srv.peterjin.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • apps-vm8.srv.peterjin.org
Alternative Names
  • apps-vm8.srv.peterjin.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2020-12-25
Not valid after
2021-03-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E1:06:A6:39:0D:F9:48:1D:F1:51:B5:58:48:BC:39:59:60:14:DF:0B:1E:A7:4D:D8:5F:64:E5:20:63:BD:BB:D2
SHA1
B7:51:3E:45:42:08:E9:06:81:7C:D3:E5:28:33:5C:97:DA:8A:07:0B
X509v3 extensions
subjectKeyIdentifier
  • 27:10:A5:82:87:B3:01:98:77:73:B7:DB:BB:75:B8:36:42:A6:47:88
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Dec 25 20:07:05.184 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:BD:52:51:7B:7F:95:58:C9:FB:A4:FA:
  • 05:3E:B9:1E:D2:F6:4F:F2:CA:B4:10:9E:D5:B8:BE:97:
  • 2D:10:C1:5E:95:02:20:40:5A:C7:A5:14:7E:66:F4:A4:
  • F6:3B:02:CD:8E:F4:0E:F3:40:7E:21:53:00:53:BB:91:
  • 62:78:6B:04:33:7F:09
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Dec 25 20:07:05.394 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8C:51:4F:9C:D8:33:49:4E:6F:23:85:
  • DC:A0:59:B6:1D:2E:2E:E0:97:C7:09:08:06:31:41:F1:
  • CA:6D:80:8B:17:02:21:00:9D:7D:C8:61:71:AC:11:EB:
  • 72:80:B4:62:6A:CF:9C:86:C9:A2:48:0A:81:2A:C0:55:
  • C0:03:D3:50:47:9B:A6:38

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.srv.peterjin.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.srv.peterjin.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.apps-vm8.srv.peterjin.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid