SSL check results of stussi.name

NEW You can also bulk check multiple servers.

Discover if the mail servers for stussi.name can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 06 Dec 2018 18:00:08 +0000

We can not guarantee a secure connection to the mailservers of stussi.name!

Please contact the operator of stussi.name and ask him or her to solve this problem. This result stays accessible under the following address:

https://ssl-tools.net/mailservers/stussi.name

Servers

Incoming Mails

These servers are responsible for incoming mails to @stussi.name addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.stussi.name
2607:f350:1:1225::3:3
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail.stussi.name
67.43.172.251
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
10 s
mx.fakemx.net
176.9.36.246
Results incomplete
70
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
3 s
mx.fakemx.net
176.9.36.246
Results incomplete
80
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
3 s
tarbaby.junkemailfilter.com
198.100.189.102
Results incomplete
90 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
tarbaby.junkemailfilter.com
184.105.182.222
90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
32 s
tarbaby.junkemailfilter.com
184.105.182.223
90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
29 s
tarbaby.junkemailfilter.com
198.100.189.101
Results incomplete
90 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
tarbaby.junkemailfilter.com
198.100.189.103
Results incomplete
90 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
tarbaby.junkemailfilter.com
184.105.182.221
90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
29 s
tarbaby.junkemailfilter.com
184.105.182.211
90
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
28 s
tarbaby.junkemailfilter.com
184.105.182.213
Results incomplete
90 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
tarbaby.junkemailfilter.com
184.105.182.212
Results incomplete
90 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s

Outgoing Mails

We have not received any emails from a @stussi.name address so far. Test mail delivery

Certificates

First seen at:

CN=junkemailfilter.com

Certificate chain
Subject
Common Name (CN)
  • junkemailfilter.com
Alternative Names
  • *.junkemailfilter.com
  • junkemailfilter.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2018-09-06
Not valid after
2018-12-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
67:91:2F:FA:5F:A1:18:21:40:1A:E5:8F:2A:A3:45:57:C3:9D:E6:11:33:07:13:AF:90:92:13:DC:81:65:6D:58
SHA1
64:99:AE:86:EB:87:77:24:C1:5D:0D:FC:4F:CA:D6:F9:31:20:6E:ED
X509v3 extensions
subjectKeyIdentifier
  • CA:9D:8B:96:97:03:82:5B:CB:F5:08:A1:38:50:DE:D7:74:76:2F:FA
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
  • User Notice:
  • Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:3C:51:96:54:C8:39:65:BA:AA:50:FC:58:07:D4:B7:
  • 6F:BF:58:7A:29:72:DC:A4:C3:0C:F4:E5:45:47:F4:78
  • Timestamp : Sep 6 03:57:24.643 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:79:3B:11:B2:93:45:31:56:84:8E:05:9F:
  • EA:1B:DF:BF:B6:DC:09:9B:E7:FA:4E:9C:E9:7C:ED:FE:
  • E5:4E:5C:57:02:20:7C:1B:C6:4A:21:45:79:69:93:5B:
  • AA:5D:22:C9:D0:01:14:6C:E6:4B:3A:7A:B4:84:95:E9:
  • B4:1A:77:AB:7F:14
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Sep 6 03:57:25.168 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CE:ED:CF:E6:35:B5:09:E7:36:35:11:
  • D4:56:57:52:B1:98:91:1A:FF:E0:5F:38:68:20:61:7F:
  • 9B:B8:F5:95:C9:02:20:63:EA:3B:68:B8:F2:A1:88:84:
  • DD:47:41:BB:1E:30:D7:BD:C1:61:87:F3:6D:5E:89:30:
  • 42:8B:7F:6F:FF:B5:13