universal-mw.de - TLS / STARTTLS Test

Discover if the mail servers for universal-mw.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 07 Nov 2020 23:40:41 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of universal-mw.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @universal-mw.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx1.secure.ly 159.8.14.213	10	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx1.secure.ly 41.208.71.51	10	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s
mx1.secure.ly 41.208.71.38	10	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s
mx1.secure.ly 37.58.121.228	10	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx2.secure.ly 41.208.71.52	20	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s
mx2.secure.ly 41.208.71.31	20	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s
mx2.secure.ly 37.58.107.241	20	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx2.secure.ly 5.153.57.117	20	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx3.secure.ly 41.208.71.51	30	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 14 s
mx3.secure.ly 41.208.71.38	30	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 15 s
mx3.secure.ly 37.58.121.228	30	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx3.secure.ly 159.8.14.213	30	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx4.secure.ly 41.208.71.52	40	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s
mx4.secure.ly 5.153.57.117	40	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx4.secure.ly 37.58.107.241	40	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 12 s
mx4.secure.ly 41.208.71.31	40	supported	*.secure.ly	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-11-07 13 s

Outgoing Mails

We have not received any emails from a @universal-mw.de address so far. Test mail delivery

Certificates

First seen at: 2020-06-17

CN=*.secure.ly

Certificate chain

*.secure.ly
- 2021-03-31 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.secure.ly

Alternative Names

*.secure.ly
secure.ly

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

RapidSSL RSA CA 2018

validity period

Not valid before: 2020-03-01
Not valid after: 2021-03-31

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 1C:03:18:5D:C6:63:EB:F2:58:53:6E:24:77:41:06:AF:12:D1:0F:BF:CE:7B:21:5F:7D:A2:DB:D7:2B:E9:10:9E
SHA1: 2A:FE:04:E1:EC:60:8A:AC:1B:1F:AC:43:4B:D0:E0:F8:E4:B6:FC:15

X509v3 extensions

authorityKeyIdentifier

keyid:53:CA:17:59:FC:6B:C0:03:21:2F:1A:AE:E4:AA:A8:1C:82:56:DA:75

subjectKeyIdentifier

72:8B:2D:AE:18:0C:2B:C4:C0:85:99:A1:A9:6E:F5:63:AD:91:3D:31

crlDistributionPoints

Full Name:
URI:http://cdp.rapidssl.com/RapidSSLRSACA2018.crl

certificatePolicies

Policy: 2.16.840.1.114412.1.2
CPS: https://www.digicert.com/CPS
Policy: 2.23.140.1.2.1

authorityInfoAccess

OCSP - URI:http://status.rapidssl.com
CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
Timestamp : Mar 1 11:26:17.568 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:71:96:99:F8:7D:54:B3:67:2F:88:2C:BD:
65:49:16:C2:58:6F:A6:E6:7A:B4:80:AC:E7:C8:67:C5:
C5:D6:D6:CE:02:20:7C:8D:FD:85:9A:2A:B4:1F:23:ED:
1F:39:A5:DF:56:47:FF:62:48:7A:80:E5:4C:E8:1B:13:
16:88:00:D6:1A:08
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Mar 1 11:26:17.628 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:3F:8E:99:22:9A:5D:6A:C3:C4:F0:5A:37:
5D:22:37:8B:56:16:EC:63:4D:91:DE:3F:74:4D:C0:66:
D7:2A:60:8A:02:21:00:BA:04:31:1D:E0:72:4B:50:C9:
3D:32:7B:8F:38:70:E0:31:D4:D0:FF:8A:4A:5E:42:41:
C0:B3:56:3A:DA:E0:24

SSL check results of universal-mw.de