spambarrier.de - TLS / STARTTLS Test

Discover if the mail servers for spambarrier.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 08 Feb 2026 17:56:54 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Problems found

The mailservers of spambarrier.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @spambarrier.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.kundenserver.jetzt 159.69.18.25	5	supported	mail.kundenserver.jetzt	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2026-02-08 1 s
mx1.spambarrier.de 78.46.139.117 Results incomplete	10	supported	not checked	DANE errors PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2026-02-08 1 s
mx2.spambarrier.de 5.189.136.147 Results incomplete	20	supported	not checked	DANE errors PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2026-02-08 1 s

Outgoing Mails

We have not received any emails from a @spambarrier.de address so far. Test mail delivery

Certificates

First seen at: 2026-02-07

CN=mail.kundenserver.jetzt

Certificate chain

mail.kundenserver.jetzt
- 2026-03-22 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mail.kundenserver.jetzt

Alternative Names

mail.kundenserver.jetzt

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-12-22
Not valid after: 2026-03-22

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 50:00:57:66:96:6B:C8:56:61:04:03:9F:D5:27:1A:D1:6D:2A:83:D6:F5:2A:9C:C7:14:6B:31:5A:8B:C7:66:22
SHA1: E5:88:87:D1:EB:96:26:04:88:6E:54:AB:5F:40:E2:1C:09:34:8B:9B

X509v3 extensions

subjectKeyIdentifier

B7:BD:E6:BC:F0:99:5E:E0:3B:46:07:56:7A:08:FC:42:12:2E:1F:7B

authorityKeyIdentifier

keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33

authorityInfoAccess

CA Issuers - URI:http://r13.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r13.c.lencr.org/100.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
Timestamp : Dec 22 22:28:30.145 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:1C:A6:E3:33:43:47:6B:94:3C:3A:BA:4A:
DE:CA:90:D6:7E:3A:8B:96:BF:2F:44:05:F0:91:2A:DB:
DC:10:91:2E:02:21:00:B4:43:04:4F:EC:6A:BD:3E:98:
51:A4:ED:69:22:CD:F5:A0:15:79:F4:0E:B1:EC:82:62:
38:D1:8E:6A:3A:18:32
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : D1:6E:A9:A5:68:07:7E:66:35:A0:3F:37:A5:DD:BC:03:
A5:3C:41:12:14:D4:88:18:F5:E9:31:B3:23:CB:95:04
Timestamp : Dec 22 22:28:30.352 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:F6:26:53:1D:96:AD:62:06:4F:1B:B5:
63:95:90:4E:86:46:F6:80:D2:ED:AE:BC:75:21:3C:0C:
3A:30:DB:94:A3:02:20:44:AB:36:23:E5:D7:95:78:DD:
08:DB:36:57:F4:26:5B:A2:26:EB:44:C4:AA:E6:8A:21:
F7:6C:A3:5C:22:46:5C

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mx1.spambarrier.de	DANE-TA: Trust Anchor Assertion Use full certificate SHA-256 Hash	valid	—
_25._tcp.mx2.spambarrier.de	DANE-TA: Trust Anchor Assertion Use full certificate SHA-256 Hash	valid	—

SSL check results of spambarrier.de