SSL check results of securesmtp.t-online.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for securesmtp.t-online.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 09 Mar 2016 22:40:00 +0000

The mailservers of securesmtp.t-online.de can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @securesmtp.t-online.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
sfwdallmx.t-online.de
194.25.134.46
10
supported
securesmtp.t-online.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
11.0 s
sfwdallmx.t-online.de
194.25.134.110
10
supported
securesmtp.t-online.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
11.0 s

Outgoing Mails

We have not received any emails from a @securesmtp.t-online.de address so far. Test mail delivery

Certificates

First seen at:

securesmtp.t-online.de

Certificate chain
Subject
Country (C)
  • DE
Organization (O)
  • Deutsche Telekom AG
Organizational Unit (OU)
  • P&I AM/DCS
State (ST)
  • Hessen
Locality (L)
  • Darmstadt
Email
  • certadmin_pi@telekom.de
Common Name (CN)
  • securesmtp.t-online.de
Alternative Names
  • securesmtp.t-online.de
Issuer
Country (C)
  • DE
Organization (O)
  • T-Systems International GmbH
Organizational Unit (OU)
  • T-Systems Trust Center
State (ST)
  • Nordrhein Westfalen
Postal code
  • 57250
Locality (L)
  • Netphen
Street
  • Untere Industriestr. 20
Common Name (CN)
  • TeleSec ServerPass DE-2
validity period
Not valid before
2016-03-09
Not valid after
2018-03-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
AC:42:E7:65:8C:F0:B0:46:36:AA:34:19:E8:72:AB:92:27:94:F0:F9:4A:1A:0C:A1:30:B1:BF:2C:91:7A:EF:A2
SHA1
1F:E5:C8:2F:52:E0:E4:62:1A:6E:97:E8:67:E3:18:57:C8:38:F5:23
X509v3 extensions
authorityKeyIdentifier
  • keyid:54:04:29:6F:A2:93:C6:90:31:45:C0:3D:DE:2B:E2:0A:69:80:92:5F
subjectKeyIdentifier
  • 50:C3:10:79:04:FD:9D:28:91:C5:51:71:30:B5:A8:B3:15:60:0A:F3
certificatePolicies
  • Policy: 1.3.6.1.4.1.7879.13.2
  • CPS: http://www.telesec.de/serverpass/cps.html
  • Policy: 2.23.140.1.2.2
crlDistributionPoints
  • Full Name:
  • URI:http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_DE-2.crl
  • Full Name:
  • URI:ldap://ldap.serverpass.telesec.de/cn=TeleSec%20ServerPass%20DE-2,ou=T-Systems%20Trust%20Center,o=T-Systems%20International%20GmbH,c=de?certificateRevocationlist?base?certificateRevocationlist=*
authorityInfoAccess
  • OCSP - URI:http://ocsp.serverpass.telesec.de/ocspr
  • CA Issuers - URI:http://crl.serverpass.telesec.de/crt/TeleSec_ServerPass_DE-2.cer
  • CA Issuers - URI:ldap://ldap.serverpass.telesec.de/cn=TeleSec%20ServerPass%20DE-2,ou=T-Systems%20Trust%20Center,o=T-Systems%20International%20GmbH,c=de?cACertificate