SSL check results of schupp.io

NEW You can also bulk check multiple servers.

Discover if the mail servers for schupp.io can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 13 Nov 2023 01:58:58 +0000

The mailservers of schupp.io can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @schupp.io addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.schupp.io
2a01:4f8:241:797:178:63:7:216
5
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
mx1.schupp.io
178.63.7.216
5
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s
mx3-prod-de-nbg1.schupp.io
2a01:4f8:c2c:c041::1:3
30
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
mx3-prod-de-nbg1.schupp.io
116.203.135.109
30
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have received emails from these servers with @schupp.io sender addresses. Test mail delivery

Host TLS Version & Cipher
mx1-prod-de-fsn1-pve1.schupp.io (138.201.23.160)
TLSv1.3 TLS_AES_256_GCM_SHA384
relay1.schupp.io (24.134.220.249)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=*.schupp.io

Certificate chain
Subject
Common Name (CN)
  • *.schupp.io
Alternative Names
  • *.schupp.io
  • schupp.io
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G4
validity period
Not valid before
2023-06-19
Not valid after
2024-07-20
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
CF:1F:93:6E:D7:F1:34:58:29:04:68:27:CF:15:54:08:28:9C:71:83:07:D3:6F:A1:91:40:DA:A7:93:0A:5B:5C
SHA1
38:D2:6D:A8:01:E3:50:A0:11:2E:27:08:9B:3A:F2:89:07:9D:77:01
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt
  • OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.4146.10.1.3
  • CPS: https://www.globalsign.com/repository/
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/alphasslcasha256g4.crl
authorityKeyIdentifier
  • keyid:4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15
subjectKeyIdentifier
  • D8:14:48:6F:EA:29:08:18:35:62:19:79:57:3C:1E:7B:D3:6F:86:21
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Jun 19 21:07:10.779 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1A:C1:F8:1A:1B:01:79:20:04:09:68:A6:
  • 5C:BE:1F:C5:79:7E:CA:53:CF:2A:53:13:37:F3:EF:56:
  • 95:8A:10:43:02:20:79:7F:DD:C2:82:2F:1B:5F:4B:0F:
  • 63:B6:B6:7A:1E:79:2A:FC:06:CC:D2:5E:26:DB:15:AD:
  • ED:D5:E8:4D:13:06
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Jun 19 21:07:10.040 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7C:51:BB:EC:4A:BC:BE:A0:E1:9E:5E:41:
  • 90:64:37:88:D8:A3:18:E9:4C:7E:D6:5F:59:6D:41:B0:
  • 69:9E:20:97:02:21:00:B9:2D:03:84:40:56:8E:A8:42:
  • D1:28:15:D8:43:E5:5A:F7:16:4A:98:B0:50:FB:FA:28:
  • 22:63:76:97:F7:8B:AE
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
  • 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
  • Timestamp : Jun 19 21:07:10.708 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:1D:05:67:6B:5C:A1:5E:3A:60:CE:D3:BE:
  • F5:C0:34:BD:5B:62:BC:2F:49:03:81:31:E2:15:B3:B8:
  • D0:DB:35:9E:02:21:00:CB:25:81:6E:E9:A5:DC:6B:8B:
  • 5E:96:33:B1:CB:12:5C:93:9B:D7:6F:EB:49:DA:52:FE:
  • DD:BB:DD:53:B9:CD:DD

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.schupp.io
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx3-prod-de-nbg1.schupp.io
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid