SSL-Tools

SSL check results of snarked.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for snarked.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 26 May 2020 17:44:29 +0000

We can not guarantee a secure connection to the mailservers of snarked.org!

Please contact the operator of snarked.org and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/snarked.org

Servers

Incoming Mails

These servers are responsible for incoming mails to @snarked.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
gate.snarked.org
2607:f350:1:1225::1
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
gate.snarked.org
67.43.172.249
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail.snarked.org
2607:f350:1:1225::1:3
Results incomplete
20 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail.snarked.org
67.43.172.250
Results incomplete
20 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail.snarked.net
2607:f350:1:1225::2:3
Results incomplete
30 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail.snarked.net
67.43.172.254
Results incomplete
30 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx.fakemx.net
95.216.253.132
Results incomplete
60 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mxbackup1.junkemailfilter.com
184.105.182.148
 80
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s
mxbackup2.junkemailfilter.com
184.105.182.219
Results incomplete
90
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mxbackup2.junkemailfilter.com
184.105.182.228
 90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • SSLv3
28 s
mxbackup2.junkemailfilter.com
184.105.182.229
Results incomplete
90
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mxbackup2.junkemailfilter.com
184.105.182.218
 90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • SSLv3
27 s
mxbackup2.junkemailfilter.com
184.105.182.220
 90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
30 s
mxbackup2.junkemailfilter.com
184.105.182.210
 90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
30 s

Outgoing Mails

We have not received any emails from a @snarked.org address so far. Test mail delivery

Certificates

First seen at:

CN=junkemailfilter.com

Certificate chain
Subject
Common Name (CN)
  • junkemailfilter.com
Alternative Names
  • *.junkemailfilter.com
  • junkemailfilter.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-05-11
Not valid after
2020-08-09
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
67:BD:75:21:38:48:26:5E:D6:E2:0D:46:51:35:54:41:18:C9:62:B8:17:8D:EB:A7:2C:3A:1E:11:0A:67:CB:DD
SHA1
86:AE:7F:ED:09:D3:39:40:93:E9:FA:1A:D3:EF:D1:4F:1F:73:9C:A4
X509v3 extensions
subjectKeyIdentifier
  • FB:20:D2:FC:30:AA:F6:DC:89:B0:30:23:C6:40:1C:8E:85:77:B1:BD
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B2:1E:05:CC:8B:A2:CD:8A:20:4E:87:66:F9:2B:B9:8A:
  • 25:20:67:6B:DA:FA:70:E7:B2:49:53:2D:EF:8B:90:5E
  • Timestamp : May 11 10:40:28.205 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D6:27:75:B2:C3:04:DF:26:18:B1:36:
  • 1E:90:55:E2:62:47:10:72:94:AA:4C:5D:23:C5:84:1B:
  • 4A:8F:E1:97:19:02:21:00:9A:2F:A6:BB:60:96:BE:B9:
  • 0C:46:EF:E4:A0:75:1F:6A:16:B0:12:C5:FB:23:6D:EE:
  • 6D:63:9A:5B:DC:C7:C8:85
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : May 11 10:40:28.378 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:87:2D:7F:7C:D3:F8:CD:7A:18:9A:7A:
  • 20:47:38:20:01:58:62:F3:C7:05:89:44:2D:9F:6F:93:
  • 58:1D:87:98:F0:02:20:16:C5:81:2C:7D:E9:3F:80:32:
  • 3C:BE:A6:95:06:D7:58:75:FD:65:5E:6D:E0:EA:80:98:
  • E6:4C:38:C1:61:B2:21

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.gate.snarked.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.gate.snarked.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
_25._tcp.mail.snarked.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
_25._tcp.mail.snarked.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.snarked.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
_25._tcp.mail.snarked.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid