SSL check results of securesmtp.t-online.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for securesmtp.t-online.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 31 Mar 2015 04:50:13 +0000

The mailservers of securesmtp.t-online.de can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @securesmtp.t-online.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
sfwdallmx.t-online.de
194.25.134.46
10
supported
securesmtp.t-online.de
Certificate does not match hostname
PFS
supported
DANE
missing
Heartbleed
not vulnerable
Poodle
not possible
  • TLSv1.0
  • TLSv1.1
  • TLSv1.2
47.0 s
sfwdallmx.t-online.de
194.25.134.110
10
supported
securesmtp.t-online.de
Certificate does not match hostname
PFS
supported
DANE
missing
Heartbleed
not vulnerable
Poodle
not possible
  • TLSv1.0
  • TLSv1.1
  • TLSv1.2
59.0 s

Outgoing Mails

We have not received any emails from a @securesmtp.t-online.de address so far. Test mail delivery

Certificates

First seen at:

securesmtp.t-online.de

Certificate chain
Subject
Country (C)
  • DE
Organization (O)
  • Deutsche Telekom AG
Organizational Unit (OU)
  • P&I AM/DCS
State (ST)
  • Hessen
Locality (L)
  • Darmstadt
Email
  • certadmin_pi@telekom.de
Common Name (CN)
  • securesmtp.t-online.de
Alternative Names
  • securesmtp.t-online.de
  • smtpmail.t-online.de
  • smtp-mail.t-online.de
  • secure-smtp.t-online.de
  • umsgate.t-online.de
  • asmtp.t-online.de
  • secure-asmtp.t-online.de
  • smtp.t-online.de
Issuer
Country (C)
  • DE
Organization (O)
  • T-Systems International GmbH
Organizational Unit (OU)
  • T-Systems Trust Center
State (ST)
  • Nordrhein Westfalen
Postal code
  • 57250
Locality (L)
  • Netphen
Street
  • Untere Industriestr. 20
Common Name (CN)
  • TeleSec ServerPass DE-2
validity period
Not valid before
2014-03-24
Not valid after
2016-03-29
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
AB:01:D4:71:21:7F:C8:85:4D:4B:3F:59:D8:7D:DB:BE:E3:7D:F9:EE:9D:4B:9D:46:BD:F6:51:34:A6:24:1F:6C
SHA1
55:52:3F:38:95:39:23:D1:E3:91:71:AC:5B:FB:30:D9:52:73:ED:70
X509v3 extensions
authorityKeyIdentifier
  • keyid:54:04:29:6F:A2:93:C6:90:31:45:C0:3D:DE:2B:E2:0A:69:80:92:5F
subjectKeyIdentifier
  • A6:A5:C0:42:7D:59:44:F6:6C:1E:30:16:4F:F3:C2:37:38:67:94:5C
certificatePolicies
  • Policy: 1.3.6.1.4.1.7879.13.2
  • CPS: http://www.telesec.de/serverpass/cps.html
  • Policy: 2.23.140.1.2.2
crlDistributionPoints
  • Full Name:
  • URI:http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_DE-2.crl
  • Full Name:
  • URI:ldap://ldap.serverpass.telesec.de/cn=TeleSec%20ServerPass%20DE-2,ou=T-Systems%20Trust%20Center,o=T-Systems%20International%20GmbH,c=de?certificateRevocationlist?base?certificateRevocationlist=*
authorityInfoAccess
  • OCSP - URI:http://ocsp.serverpass.telesec.de/ocspr
  • CA Issuers - URI:http://crl.serverpass.telesec.de/crt/TeleSec_ServerPass_DE-2.cer
  • CA Issuers - URI:ldap://ldap.serverpass.telesec.de/cn=TeleSec%20ServerPass%20DE-2,ou=T-Systems%20Trust%20Center,o=T-Systems%20International%20GmbH,c=de?cACertificate