SSL-Tools

SSL check results of tdmail.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for tdmail.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 27 May 2020 20:07:57 +0000

The mailservers of tdmail.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @tdmail.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.teledata-fn.de
2a02:590:1:1::61
 10
supported
*.teledata-fn.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
18 s
mx1.teledata-fn.de
217.24.194.61
 10
supported
*.teledata-fn.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
18 s
mx0.teledata-fn.de
2a02:590:1:3::63
 10
supported
*.teledata-fn.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
19 s
mx0.teledata-fn.de
212.62.194.63
 10
supported
*.teledata-fn.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
19 s

Outgoing Mails

We have received emails from these servers with @tdmail.de sender addresses. Test mail delivery

Host TLS Version & Cipher
smtp00.dmz.srv.lzi.ims.td-fn.net (212.62.194.44)
TLSv1.2 AECDH-AES256-SHA

Certificates

First seen at:

CN=*.teledata-fn.de

Certificate chain
Subject
Common Name (CN)
  • *.teledata-fn.de
Alternative Names
  • *.teledata-fn.de
  • teledata-fn.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Thawte TLS RSA CA G1
validity period
Not valid before
2018-02-02
Not valid after
2020-09-11
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
72:C0:05:62:E1:67:46:C1:68:14:97:A1:E3:70:4B:70:FC:41:04:48:59:3B:B6:25:EE:3F:B9:45:F5:9B:3B:10
SHA1
42:B1:D6:03:A9:55:D0:23:2C:08:A1:5C:51:1D:A7:02:3F:00:A1:5D
X509v3 extensions
authorityKeyIdentifier
  • keyid:A5:8C:FE:32:CC:EB:0F:2C:D4:19:C6:08:B8:00:24:88:5D:C3:C5:B7
subjectKeyIdentifier
  • 84:54:21:CD:5A:98:79:23:88:F8:E9:97:EC:3E:FB:8D:E6:D6:7A:C3
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.thawte.com/ThawteTLSRSACAG1.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.2
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • OCSP - URI:http://status.thawte.com
  • CA Issuers - URI:http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Feb 2 09:14:18.812 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:11:F9:6F:A7:55:72:0A:8D:B2:CC:69:59:
  • 08:AE:43:62:0B:1C:F5:22:69:C4:F8:3A:0D:07:1C:BD:
  • 01:02:62:70:02:21:00:FB:47:EB:5C:83:0D:6B:A8:D9:
  • FA:69:FD:9F:FA:49:97:D9:56:13:4C:42:F7:EC:E2:84:
  • E4:E2:40:0C:ED:FD:02
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56:
  • 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F
  • Timestamp : Feb 2 09:14:18.988 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CC:BD:90:A2:79:85:7C:D5:73:38:E7:
  • 1A:83:0D:50:6A:F5:A1:A5:11:7C:0E:0C:12:88:E8:FF:
  • D6:12:19:E8:4F:02:20:63:1F:04:7A:9E:51:7D:3B:69:
  • 50:A7:2F:69:78:BA:6D:1E:80:C7:CE:2B:E6:C4:C9:FD:
  • 93:0E:73:AA:37:4A:2D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
  • 38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
  • Timestamp : Feb 2 09:14:18.846 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:21:BE:EB:35:74:4E:B6:CB:65:3D:EF:15:
  • 19:95:47:1C:C1:5E:66:2E:84:6D:2B:B7:A2:B5:EE:66:
  • 55:86:00:B1:02:21:00:A3:15:FB:BD:1F:FE:89:EF:B9:
  • 9C:E6:6F:95:13:60:7F:02:33:C5:B3:B8:1C:79:AD:62:
  • CF:CB:BF:FD:92:68:48
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Feb 2 09:14:19.553 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:84:E6:A8:62:AC:37:C0:98:73:57:0F:
  • 3A:FA:1D:88:B1:86:67:2A:FF:BF:63:F0:E0:C1:DA:B1:
  • 7D:3F:9B:27:85:02:20:0F:61:39:83:61:09:F0:6C:21:
  • 04:F0:64:B7:5A:78:ED:54:FD:9F:AA:F1:19:DF:5F:B1:
  • A9:E0:43:AA:14:27:34