xmail.net - TLS / STARTTLS Test

Discover if the mail servers for xmail.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 25 Sep 2025 07:27:59 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of xmail.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @xmail.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.xmail.net 2605:7c00:7:1::12	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2025-09-25 60 s
mail.xmail.net 2605:7c00:7:1::10	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-09-25 68 s
mail.xmail.net 2605:7c00:7:1::9	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-09-25 68 s
mail.xmail.net 65.110.6.12	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-09-25 68 s
mail.xmail.net 65.110.6.9	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-09-25 68 s
mail.xmail.net 65.110.6.10	100	supported	mail.xmail.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2025-09-25 59 s

Outgoing Mails

We have not received any emails from a @xmail.net address so far. Test mail delivery

Certificates

First seen at: 2025-09-25

CN=mail.xmail.net

Certificate chain

mail.xmail.net
- 2025-12-12 remaining
- 256 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

mail.xmail.net

Alternative Names

mail.xmail.net

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-09-13
Not valid after: 2025-12-12

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 7B:4B:06:E5:8E:4E:D7:72:4C:8E:08:1B:74:C9:D4:82:FB:AB:1F:C9:F5:9D:FF:8B:29:BB:36:3E:83:FA:E4:C9
SHA1: AB:BD:52:81:05:8D:B3:08:04:A2:9F:3A:50:33:47:3E:59:D4:5C:7B

X509v3 extensions

subjectKeyIdentifier

5C:17:89:ED:1A:AD:45:22:54:17:EA:75:DC:80:16:78:CF:E5:EB:23

authorityKeyIdentifier

keyid:AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80

authorityInfoAccess

CA Issuers - URI:http://e7.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://e7.c.lencr.org/57.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Sep 13 12:10:27.632 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:8B:55:86:31:E0:5B:C9:6B:51:70:1F:
7A:D1:EB:FE:93:D6:39:A3:0A:9A:4D:94:3D:B9:25:51:
17:8E:8C:7B:1B:02:20:0C:A6:7C:54:64:BD:87:32:DB:
B1:FB:85:79:37:F8:53:D0:77:13:FE:9D:AF:94:40:03:
5D:9E:12:1F:22:69:45
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Sep 13 12:10:27.668 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:51:61:D7:7D:D1:A7:CF:CD:F7:40:50:5A:
72:54:F3:7F:BC:2C:04:56:60:14:48:B1:E2:B5:31:2F:
41:06:41:FE:02:21:00:EE:E8:68:18:80:A2:DC:96:AA:
B1:F2:76:64:DE:BF:44:A8:E8:4D:05:56:EE:D4:50:C9:
F7:FE:DA:44:3D:23:89

First seen at: 2025-09-25

CN=mail.xmail.net

Certificate chain

mail.xmail.net
- 2025-12-05 remaining
- 256 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

mail.xmail.net

Alternative Names

mail.xmail.net

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-09-06
Not valid after: 2025-12-05

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: A6:76:93:B3:98:F4:56:8B:D5:F8:E8:21:75:B0:04:A6:C8:08:25:9A:56:F0:0D:11:44:20:E9:B6:B8:07:4B:23
SHA1: 1C:DE:2F:8A:22:39:43:1A:AA:57:F6:5E:E7:D2:E4:58:0B:5E:6D:91

X509v3 extensions

subjectKeyIdentifier

17:98:E0:90:19:3C:69:A4:40:27:C1:43:C0:35:96:C9:F5:23:E5:AA

authorityKeyIdentifier

keyid:AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80

authorityInfoAccess

CA Issuers - URI:http://e7.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://e7.c.lencr.org/67.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : Sep 6 12:04:23.521 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:27:34:76:C6:0C:5C:5A:F9:30:62:72:00:
74:74:63:07:0C:AB:F0:A3:7E:63:64:33:53:17:F2:C1:
64:61:58:05:02:21:00:F3:2E:CF:34:A0:B9:04:5E:6B:
98:FF:D2:E9:ED:57:B6:13:50:C1:92:AD:6E:17:04:7A:
46:3E:CA:F6:E0:19:F5
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Sep 6 12:04:23.574 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:0E:99:2D:DC:2D:BE:D5:16:67:03:8A:EE:
59:C7:BF:ED:25:D5:D2:9F:D5:01:7D:7D:47:36:17:2D:
D2:43:98:86:02:20:73:CF:0F:E0:08:9E:A2:9E:C4:09:
80:F4:C3:A1:0D:FC:85:0D:AF:25:5B:61:1A:10:A5:6A:
71:63:2C:E5:AF:70

First seen at: 2025-09-25

CN=mail.xmail.net

Certificate chain

mail.xmail.net
- 2025-11-07 remaining
- 256 bit
- ecdsa-with-SHA384

Subject

Common Name (CN)

mail.xmail.net

Alternative Names

mail.xmail.net

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-08-09
Not valid after: 2025-11-07

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: A2:AC:ED:A0:8A:2D:3F:2D:DD:DC:04:41:2D:A7:D6:D4:98:FE:48:0D:DF:26:C7:23:40:BA:89:36:32:C4:3A:97
SHA1: F8:0A:59:24:F6:49:B0:32:71:38:D5:69:FE:33:DE:9E:F3:9D:C8:4F

X509v3 extensions

subjectKeyIdentifier

D9:5C:D5:32:D8:7E:24:5D:C2:2D:F7:C4:94:86:62:6C:E3:AB:9B:3F

authorityKeyIdentifier

keyid:9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D

authorityInfoAccess

CA Issuers - URI:http://e5.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://e5.c.lencr.org/120.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Aug 9 12:00:28.706 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:90:78:65:D2:FB:F2:98:B8:64:32:32:
4A:5B:3B:86:8D:BE:02:70:44:4F:4C:0B:38:BF:00:6D:
1D:11:BF:62:0D:02:20:0E:6C:46:30:72:EF:D0:22:88:
6A:C6:39:2E:E8:20:13:E5:31:66:9F:1D:5F:71:19:41:
AA:09:74:31:A3:DB:CC
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
Timestamp : Aug 9 12:00:30.708 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:C7:5F:86:E2:7C:40:AE:A5:C9:BC:93:
DF:D1:77:2F:9A:89:2B:D7:46:BD:84:14:8B:79:B2:4D:
16:83:83:78:74:02:21:00:D8:12:A2:4F:6D:8E:9B:85:
6F:D0:A9:35:32:84:FE:52:D2:AF:3B:B3:D3:61:28:1B:
E2:BD:35:0E:1C:4C:1D:42

SSL check results of xmail.net

Summary

The mailservers of xmail.net can be reached through a secure connection.

Servers

Incoming Mails

Outgoing Mails

Certificates

CN=mail.xmail.net

CN=mail.xmail.net

CN=mail.xmail.net