SSL check results of yahoo.pl

NEW You can also bulk check multiple servers.

Discover if the mail servers for yahoo.pl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 16 Jul 2018 10:13:13 +0000

The mailservers of yahoo.pl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @yahoo.pl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx-eu.mail.am0.yahoodns.net
188.125.73.87
10
supported
*.am0.yahoodns.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s
mx-eu.mail.am0.yahoodns.net
212.82.101.46
10
supported
*.am0.yahoodns.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s

Outgoing Mails

We have received emails from these servers with @yahoo.pl sender addresses. Test mail delivery

Host TLS Version & Cipher
sonic311-57.consmr.mail.ir2.yahoo.com (77.238.176.189)
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

Certificates

First seen at:

CN=*.am0.yahoodns.net,O=Yahoo Holdings\, Inc.,L=Sunnyvale,ST=CA,C=US

Certificate chain
Subject
Country (C)
  • US
State (ST)
  • CA
Locality (L)
  • Sunnyvale
Organization (O)
  • Yahoo Holdings, Inc.
Common Name (CN)
  • *.am0.yahoodns.net
Alternative Names
  • *.am0.yahoodns.net
  • *.mail.am0.yahoodns.net
  • *.sbcglobal.am0.yahoodns.net
  • *.mail.gm0.yahoodns.net
  • *.gm0.yahoodns.net
  • *.biz.mail.yahoo.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • DigiCert SHA2 High Assurance Server CA
validity period
Not valid before
2018-02-15
Not valid after
2018-08-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D6:16:23:9C:4B:67:A0:10:0B:42:20:75:CF:3C:C7:0B:EB:C6:6E:DC:4F:29:01:BD:1C:39:0D:C2:81:4E:F1:0A
SHA1
E7:75:FC:CF:21:A4:31:BE:18:E6:AA:A8:A5:A4:76:A3:C2:02:C2:09
X509v3 extensions
authorityKeyIdentifier
  • keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
subjectKeyIdentifier
  • 61:FF:F7:E6:52:08:76:7B:17:0B:1D:A2:49:F1:56:CD:86:F5:A0:BA
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
  • Full Name:
  • URI:http://crl4.digicert.com/sha2-ha-server-g6.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Feb 15 19:33:01.658 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E2:04:AD:D0:D1:CA:29:F8:7C:36:C5:
  • 9C:69:5F:3C:98:6A:AA:6E:63:68:4E:2A:1B:49:82:8A:
  • 33:7F:03:FA:A4:02:20:30:80:0A:B4:2A:0B:61:3F:99:
  • AA:99:82:2D:6D:8E:BA:EC:31:1D:6F:62:4B:92:6E:0B:
  • 7B:AE:3C:BD:0F:20:6D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56:
  • 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F
  • Timestamp : Feb 15 19:33:01.785 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:82:C5:8C:DB:C2:99:DA:5E:C2:12:9C:
  • F2:9B:AD:E9:25:65:DC:4F:89:C5:77:22:94:29:AA:9B:
  • 6C:6E:AE:F6:87:02:20:12:FC:8C:12:62:C9:BC:B6:4B:
  • AC:AC:4F:4D:F9:1B:4E:10:16:C7:2B:38:C7:CB:0B:AC:
  • ED:0E:D7:AF:45:80:D4