SSL check results of posteo.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for posteo.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 16 Apr 2017 08:25:11 +0000

The mailservers of posteo.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @posteo.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx03.posteo.de
185.67.36.63
10
supported
posteo.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11.0 s
mx01.posteo.de
185.67.36.61
10
supported
posteo.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11.0 s
mx04.posteo.de
185.67.36.64
10
supported
posteo.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11.0 s

Outgoing Mails

We have received emails from these servers with @posteo.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mout01.posteo.de (185.67.36.65)
TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
mout02.posteo.de (185.67.36.66)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

posteo.de

Certificate chain
Subject
jurisdictionC
  • DE
jurisdictionST
  • Berlin
jurisdictionL
  • Berlin (Charlottenburg)
Country (C)
  • DE
State (ST)
  • Berlin
Locality (L)
  • Berlin
Business category
  • Business Entity
Serial number
  • HRA 47592
Organization (O)
  • Posteo e.K.
Common Name (CN)
  • posteo.de
Alternative Names
  • www.posteo.de
  • m.posteo.de
  • mx01.posteo.de
  • mx02.posteo.de
  • mx03.posteo.de
  • mx04.posteo.de
  • lists.posteo.de
  • api.posteo.de
  • cdn.posteo.de
  • autodiscover.posteo.de
  • payment.posteo.de
  • status.posteo.de
  • posteo.de
Issuer
Country (C)
  • US
Organization (O)
  • GeoTrust Inc.
Common Name (CN)
  • GeoTrust EV SSL CA - G4
validity period
Not valid before
2016-12-30
Not valid after
2018-01-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
30:2A:06:B8:CF:A8:5B:93:66:5A:44:66:E2:BB:84:05:FE:80:95:3F:5A:FE:D1:08:DB:3B:B0:0D:7C:42:B4:39
SHA1
BD:16:71:84:B0:B1:40:D9:0A:65:99:8C:E6:7B:01:D6:AA:5B:8B:67
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://gm.symcb.com/gm.crl
certificatePolicies
  • Policy: 1.3.6.1.4.1.14370.1.6
  • CPS: https://www.geotrust.com/resources/repository/legal
  • User Notice:
  • Explicit Text: https://www.geotrust.com/resources/repository/legal
  • Policy: 2.23.140.1.1
authorityKeyIdentifier
  • keyid:DE:CF:5C:50:B7:AE:02:1F:15:17:AA:16:E8:0D:B5:28:9D:6A:5A:F3
authorityInfoAccess
  • OCSP - URI:http://gm.symcd.com
  • CA Issuers - URI:http://gm.symcb.com/gm.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1(0)
  • Log ID : DD:EB:1D:2B:7A:0D:4F:A6:20:8B:81:AD:81:68:70:7E:
  • 2E:8E:9D:01:D5:5C:88:8D:3D:11:C4:CD:B6:EC:BE:CC
  • Timestamp : Dec 30 14:10:02.976 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F0:A7:1A:C6:DA:F0:20:C5:CB:F9:1B:
  • E9:53:B4:04:72:6E:1B:58:57:C9:F2:22:3B:6B:01:F8:
  • 86:0C:7F:41:AB:02:21:00:D2:02:BD:10:77:04:91:83:
  • 59:36:7B:C3:EE:50:1F:1F:4C:35:21:16:DC:09:28:9B:
  • F3:E3:E9:A1:9A:8B:8C:2E
  • Signed Certificate Timestamp:
  • Version : v1(0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Dec 30 14:10:03.043 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:18:31:05:6D:71:00:27:57:8E:59:E3:0C:
  • 2F:BB:40:24:DE:74:5F:69:4B:F8:4D:FE:ED:49:8F:BD:
  • 41:B1:95:C1:02:20:7F:B0:AE:C5:FE:DF:E4:FE:15:A2:
  • DD:6A:D4:9B:B5:32:1B:DC:E0:FB:E5:4F:C6:C3:6C:00:
  • 10:A5:1A:02:C8:4F

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx03.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx03.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx03.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx03.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx03.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx01.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx01.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx01.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx01.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx01.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx04.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx04.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx04.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx04.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx04.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid