proebstle-tax.de - TLS / STARTTLS Test

Discover if the mail servers for proebstle-tax.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 09 Nov 2023 07:43:32 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of proebstle-tax.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @proebstle-tax.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
maildomain.datevnet.de 2a00:e50:f155:7::ce	10	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s
maildomain.datevnet.de 2a00:e50:f155:7::dc	10	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s
maildomain.datevnet.de 193.27.49.206	10	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 6 s
maildomain.datevnet.de 193.27.49.220	10	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s
maildomain.datevnet.com 2a00:e50:f155:7::cf	20	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s
maildomain.datevnet.com 2a00:e50:f155:7::dd	20	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 8 s
maildomain.datevnet.com 193.27.49.207	20	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s
maildomain.datevnet.com 193.27.49.221	20	supported	mailin11.prod.datevnet.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-09 7 s

Outgoing Mails

We have not received any emails from a @proebstle-tax.de address so far. Test mail delivery

Certificates

First seen at: 2023-07-11

CN=mailin11.prod.datevnet.com,O=DATEV eG,L=Nürnberg,ST=Bayern,C=DE

Certificate chain

mailin11.prod.datevnet.com
- 2024-06-26 remaining
- 256 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

Bayern

Locality (L)

Nürnberg

Organization (O)

DATEV eG

Common Name (CN)

mailin11.prod.datevnet.com

Alternative Names

mailin11.prod.datevnet.com
mailin12.prod.datevnet.de
maildomain.datevnet.de
maildomain.datevnet.com

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

Thawte TLS RSA CA G1

validity period

Not valid before: 2023-06-28
Not valid after: 2024-06-26

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 98:2B:CF:EE:93:AC:DC:AC:CB:D5:68:6C:55:3F:27:16:8A:D4:E8:4C:85:8E:BA:98:01:4E:43:1C:93:13:46:EA
SHA1: 94:CA:C1:9D:D0:75:56:71:48:3F:35:79:28:EA:0B:B3:23:4F:F7:59

X509v3 extensions

authorityKeyIdentifier

keyid:A5:8C:FE:32:CC:EB:0F:2C:D4:19:C6:08:B8:00:24:88:5D:C3:C5:B7

subjectKeyIdentifier

5E:7A:3B:EB:A5:9A:69:A1:44:BC:16:C9:7D:30:1F:3D:BF:4C:AE:46

crlDistributionPoints

Full Name:
URI:http://cdp.thawte.com/ThawteTLSRSACAG1.crl

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

authorityInfoAccess

OCSP - URI:http://status.thawte.com
CA Issuers - URI:http://cacerts.thawte.com/ThawteTLSRSACAG1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Jun 28 06:38:40.974 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:EF:0D:FF:9F:51:03:03:95:58:17:4A:
AC:B3:AA:D5:0D:85:C0:F0:73:A9:BF:45:AE:72:A3:4C:
E1:33:A1:36:02:02:21:00:D3:45:5C:B9:DE:A6:DD:E6:
69:D8:52:97:FC:74:8E:B3:AB:29:E4:8F:E2:9E:8A:48:
D0:93:F8:54:45:43:5A:DE
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Jun 28 06:38:41.073 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:73:20:C4:9F:7B:15:86:C8:31:2B:D4:81:
F8:EB:6D:C0:F8:56:C5:46:AA:93:21:D7:8E:21:4C:FB:
55:F3:E5:DA:02:20:36:28:10:F1:FA:A4:D3:E2:F3:6B:
4F:DE:B6:87:C8:66:48:1F:6D:F7:DA:24:30:31:EF:07:
5C:92:FB:C4:F9:80
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Jun 28 06:38:41.019 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:16:BD:79:A1:34:8F:88:65:ED:92:A4:F0:
AC:DB:A1:B9:61:6B:22:27:7C:38:A1:DE:8D:E9:B7:36:
F1:00:7A:53:02:20:34:46:7C:E3:39:F8:BE:E2:FA:E2:
7F:3E:C7:9E:39:50:4E:AD:B1:E6:4E:99:D3:93:BF:82:
78:4F:B4:D9:A8:B2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.maildomain.datevnet.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.maildomain.datevnet.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.maildomain.datevnet.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.maildomain.datevnet.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.maildomain.datevnet.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.maildomain.datevnet.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.maildomain.datevnet.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—
_25._tcp.maildomain.datevnet.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	—

SSL check results of proebstle-tax.de