SSL check results of ranksitt.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for ranksitt.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 26 May 2020 02:12:44 +0000

The mailservers of ranksitt.net can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ranksitt.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail-gw.ranksitt.net
202.40.176.46
0
supported
*.ranksitt.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
17 s

Outgoing Mails

We have received emails from these servers with @ranksitt.net sender addresses. Test mail delivery

Host TLS Version & Cipher
unknown (202.40.188.94)
Insecure - not encrypted!
unknown (202.40.185.67)
Insecure - not encrypted!
unknown (202.40.186.26)
Insecure - not encrypted!

Certificates

First seen at:

CN=*.ranksitt.net,O=ranksitt.net,OU=Proxmox Mail Gateway

Certificate chain
  • *.ranksitt.net (Certificate is self-signed.)
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Unknown Authority

Subject
Organizational Unit (OU)
  • Proxmox Mail Gateway
Organization (O)
  • ranksitt.net
Common Name (CN)
  • *.ranksitt.net
Issuer

Certificate is self-signed.

validity period
Not valid before
2018-02-20
Not valid after
2028-02-18
Fingerprints
SHA256
2E:E9:21:4A:56:65:60:06:57:77:E3:AA:CA:A7:95:97:1D:BC:1A:0D:CF:D3:5B:12:42:39:E7:E5:53:B3:C8:59
SHA1
32:41:C7:F4:D3:1F:6D:57:BE:3B:7C:7C:2B:0B:E3:FA:10:13:0D:84