SSL check results of protonmail.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for protonmail.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 09 Jul 2020 19:23:44 +0000

No connection to the mailservers of protonmail.ch could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @protonmail.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.protonmail.ch
185.70.40.103
Results incomplete
5
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
mailsec.protonmail.ch
185.70.40.102
Results incomplete
10
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @protonmail.ch sender addresses. Test mail delivery

Host TLS Version & Cipher
mail-40131.protonmail.ch (185.70.40.131)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail-40130.protonmail.ch (185.70.40.130)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mail-40132.protonmail.ch (185.70.40.132)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

No Certificates found

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.protonmail.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.protonmail.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mailsec.protonmail.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mailsec.protonmail.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid