ymail.com - TLS / STARTTLS Test

Discover if the mail servers for ymail.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 28 Sep 2023 19:02:58 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of ymail.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ymail.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mta6.am0.yahoodns.net 67.195.228.94	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 9 s
mta6.am0.yahoodns.net 67.195.228.111	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta6.am0.yahoodns.net 98.136.96.91	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta6.am0.yahoodns.net 98.136.96.75	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta6.am0.yahoodns.net 67.195.204.73	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta6.am0.yahoodns.net 67.195.204.74	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta6.am0.yahoodns.net 98.136.96.77	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta6.am0.yahoodns.net 67.195.228.110	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 9 s
mta7.am0.yahoodns.net 67.195.204.72	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta7.am0.yahoodns.net 98.136.96.76	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta7.am0.yahoodns.net 67.195.228.111	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta7.am0.yahoodns.net 98.136.96.74	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta7.am0.yahoodns.net 67.195.204.74	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta7.am0.yahoodns.net 67.195.228.109	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta7.am0.yahoodns.net 98.136.96.91	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta7.am0.yahoodns.net 67.195.228.94	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 8 s
mta5.am0.yahoodns.net 67.195.228.106	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 9 s
mta5.am0.yahoodns.net 67.195.204.74	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta5.am0.yahoodns.net 67.195.204.73	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta5.am0.yahoodns.net 98.136.96.74	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta5.am0.yahoodns.net 98.136.96.77	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta5.am0.yahoodns.net 67.195.204.79	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 6 s
mta5.am0.yahoodns.net 67.195.228.111	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 7 s
mta5.am0.yahoodns.net 67.195.228.109	10	supported	*.mail.am0.yahoodns.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-09-28 9 s

Outgoing Mails

We have received emails from these servers with @ymail.com sender addresses. Test mail delivery

Host	TLS Version & Cipher
sonic312-49.consmr.mail.bf2.yahoo.com (74.6.128.111)	TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256	2020-06-23

Certificates

First seen at: 2023-08-24

CN=*.mail.am0.yahoodns.net,O=Oath Holdings Inc.,L=Sunnyvale,ST=California,C=US

Certificate chain

*.mail.am0.yahoodns.net
- 2024-01-31 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

California

Locality (L)

Sunnyvale

Organization (O)

Oath Holdings Inc.

Common Name (CN)

*.mail.am0.yahoodns.net

Alternative Names

*.mail.am0.yahoodns.net
*.am0.yahoodns.net
*.sbcglobal.am0.yahoodns.net
*.mail.gm0.yahoodns.net
*.gm0.yahoodns.net
*.biz.mail.yahoo.com
*.bullet.am0.yahoodns.net

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

DigiCert SHA2 High Assurance Server CA

validity period

Not valid before: 2023-08-08
Not valid after: 2024-01-31

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: B9:1B:09:46:7B:48:1A:6C:86:92:38:27:8E:56:34:C2:DC:19:F3:1E:55:2B:4B:A3:D2:05:BC:15:0A:22:C9:69
SHA1: 33:04:4A:AB:28:8C:FA:07:06:22:BD:33:F0:08:56:FE:83:0C:EF:2C

X509v3 extensions

authorityKeyIdentifier

keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B

subjectKeyIdentifier

FE:95:4C:59:F9:F0:88:84:42:9D:A4:34:10:F1:25:65:B4:8C:D6:FC

crlDistributionPoints

Full Name:
URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
Full Name:
URI:http://crl4.digicert.com/sha2-ha-server-g6.crl

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

authorityInfoAccess

OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Aug 8 00:04:54.415 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:4F:EF:A0:67:CB:32:7B:A8:C7:77:23:66:
EF:C8:50:BE:ED:F6:D8:A3:85:2E:3A:7E:B1:B8:67:17:
F3:64:0B:ED:02:21:00:BF:65:12:E9:8A:D1:8D:D2:58:
23:D2:4B:83:43:03:A7:DF:6A:0B:8F:32:F6:95:EA:5A:
B1:5E:79:9E:2B:BB:53
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Aug 8 00:04:54.362 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E2:74:90:28:90:A9:20:F9:67:3B:6A:
A5:ED:D6:13:64:A2:FE:64:06:E2:9D:8B:29:9C:4E:D2:
F9:9F:A7:48:FD:02:20:52:23:96:49:09:49:B1:B8:45:
75:39:0A:51:A6:02:CB:46:AD:27:71:4D:21:9C:00:57:
5F:1E:05:AE:7B:5A:67
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Aug 8 00:04:54.308 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:25:18:E7:D6:C1:A5:71:2F:DE:07:33:8A:
54:B6:41:69:41:5A:66:2E:AD:E2:AE:76:5C:BC:52:E1:
3C:97:9D:57:02:20:16:3A:A9:2B:DD:66:29:BB:DE:50:
17:2B:B8:4C:57:EF:7B:53:B7:6D:99:0D:A8:28:AD:EB:
57:0E:75:68:DF:E5

SSL check results of ymail.com