willexplo.de - TLS / STARTTLS Test

Discover if the mail servers for willexplo.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 21 Nov 2024 01:31:40 +0000

Certificates

Trustworthy
Protocol

Problems found
DANE

Problems found

We can not guarantee a secure connection to the mailservers of willexplo.de!

Please contact the operator of willexplo.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/willexplo.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @willexplo.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
ra.horus-it.com 2a01:4f9:6a:528d::a Results incomplete	10	unsupported	not checked	DANE errors PFS not checked Heartbleed not checked Weak ciphers not checked		2024-11-21 11 s
ra.horus-it.com 65.108.3.114	10	supported	horus-it.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2024-11-21 12 s

Outgoing Mails

We have not received any emails from a @willexplo.de address so far. Test mail delivery

Certificates

First seen at: 2024-11-21

CN=horus-it.com

Certificate chain

horus-it.com
- 2025-01-19 remaining
- 384 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

horus-it.com

Alternative Names

*.horus-it.com
*.horus-it.de
*.tech.horus-it.com
horus-it.com
horus-it.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-10-21
Not valid after: 2025-01-19

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 49:17:07:80:FD:F2:B2:57:12:D6:2B:9B:AC:11:5A:44:25:81:0E:D3:52:8E:53:56:7F:A0:EB:8C:E6:6F:92:00
SHA1: D9:39:BA:35:36:F8:B4:2E:81:33:82:C1:CD:03:EA:DD:A7:56:E5:59

X509v3 extensions

subjectKeyIdentifier

E7:A9:96:52:34:45:9E:C5:80:DE:A7:32:C2:71:B4:12:AF:68:DB:CB

authorityKeyIdentifier

keyid:9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D

authorityInfoAccess

OCSP - URI:http://e5.o.lencr.org
CA Issuers - URI:http://e5.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Oct 21 22:11:42.722 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:D7:6E:A2:AC:A1:6E:39:3F:9B:22:D3:
62:69:E1:F6:0A:46:17:D5:80:36:45:49:2B:C7:C2:C7:
B9:50:EB:17:99:02:20:0D:7D:40:AD:10:DE:9F:64:75:
FA:21:AD:43:7C:AB:6F:A0:AC:D2:B8:2B:DA:DA:E1:CC:
A3:62:B4:73:65:5E:45
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Oct 21 22:11:42.711 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:C3:D4:FE:F1:C0:0F:B7:13:73:1F:8C:
F6:1B:06:32:9B:08:2C:CD:FA:0B:CB:1C:DE:FD:A5:E9:
CD:EE:60:5D:99:02:20:31:15:DE:B9:49:4F:55:F2:EA:
17:88:64:D5:EC:5D:79:87:A8:6B:4B:21:15:C6:6D:B2:
30:02:AE:49:8F:6B:CD

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.ra.horus-it.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-512 Hash	valid	valid
_25._tcp.ra.horus-it.com	DANE-TA: Trust Anchor Assertion Use subject public key SHA-512 Hash	valid	—
_25._tcp.ra.horus-it.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.ra.horus-it.com	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—

SSL check results of willexplo.de