SSL check results of xfa.ca

NEW You can also bulk check multiple servers.

Discover if the mail servers for xfa.ca can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 22 Jun 2025 00:31:04 +0000

The mailservers of xfa.ca can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @xfa.ca addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
lamprey.xfa.ca
2605:6f00:1234:600:1::6c
10
supported
lamprey.xfa.ca
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s
lamprey.xfa.ca
66.102.135.9
10
supported
lamprey.xfa.ca
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @xfa.ca address so far. Test mail delivery

Certificates

First seen at:

CN=lamprey.xfa.ca

Certificate chain
  • lamprey.xfa.ca
    • remaining
    • 256 bit
    • ecdsa-with-SHA384

      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • lamprey.xfa.ca
Alternative Names
  • lamprey.xfa.ca
  • mail.computethis.ca
  • mail.nugent-klein.com
  • mail.xfa.ca
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2025-06-17
Not valid after
2025-09-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
09:19:42:46:D4:00:1A:78:D3:46:58:BF:02:B5:FD:C1:8E:AE:82:90:82:D6:4C:60:90:5A:5F:D2:9D:8D:51:AA
SHA1
C2:D7:05:5B:C4:D2:7F:3D:12:52:E9:E0:BA:5D:DD:87:BA:92:80:9D
X509v3 extensions
subjectKeyIdentifier
  • 20:04:FF:EF:34:2C:5F:B0:39:1F:81:3C:13:91:B1:86:CF:AC:F3:43
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e6.c.lencr.org/7.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Jun 17 17:05:22.089 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:A5:BB:E0:0D:0E:09:25:F0:AE:8C:9C:
  • 64:05:7D:AB:17:9F:91:A8:83:BA:65:72:E7:26:64:CD:
  • 2B:A3:6D:D0:94:02:21:00:A2:6F:F0:FE:00:C9:9E:64:
  • E1:99:D3:97:0C:C6:D2:C8:BA:4E:DA:37:13:EB:BB:F0:
  • B4:CF:9B:16:C7:FD:F8:9A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jun 17 17:05:22.141 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:57:B8:F0:15:4A:EF:B1:95:EF:9D:01:AE:
  • FF:C2:19:04:8A:BD:E0:4B:66:DF:75:68:09:DB:4C:0D:
  • EF:7B:48:2D:02:20:0C:27:35:04:D8:F1:96:8F:27:89:
  • 1F:8C:8D:65:CC:84:F8:4F:29:58:50:6B:5E:30:37:1F:
  • E3:5A:52:75:14:2B