Skip to content

Instantly share code, notes, and snippets.

@jfqd

jfqd/immuniweb_mx_scans.md

Last active September 17, 2022 19:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jfqd/8b2e06caf2579f706465bf93c46dd04e to your computer and use it in GitHub Desktop.
Save jfqd/8b2e06caf2579f706465bf93c46dd04e to your computer and use it in GitHub Desktop.
Download ZIP
immuniweb mailserver scans
Raw
immuniweb_mx_scans.md
Whois Mailserver-Scan Score Issues
qutic development mail.qutic.com:25 A+ -
Microsoft Outlook eff-org.mail.protection.outlook.com:25 A no TLSv1.3
mailbox.org mx1.mailbox.org:25 A TLSv1, TLSv1.1
Posteo mx01.posteo.de:25 A TLSv1, TLSv1.1
ProtonMail mail.protonmail.ch:25 A TLSv1, TLSv1.1
Tutanota mail.tutanota.de:25 A TLSv1, TLSv1.1
Bund mx1.bund.de:25 A TLSv1, TLSv1.1
Amazon amazon-smtp.amazon.com:25 A intermediate certificate missing, TLSv1.1, no TLSv1.3
CDU mail48.cdu.de:25 A invalid ruf und rua
netzpolitik.org mail.netzpolitik.org:25 A no cipher preference, server supports client-initiated secure renegotiation
AOK mx1.aok.de:25 A DMARC misissing, TLSv1, TLSv1.1
Polizei Hamburg mx1.ondataport.de:25 A server sends an unnecessary root certificate, DMARC missing, TLSv1, TLSv1.1
1&1 mxint01.1and1.com:25 A- TLSv1, TLSv1.1
Fiducia/GAD/Atruvia gmail22.gadmail.de:25 A- TLSv1.1, no TLSv1.3, DMARC missing
Postbank mailrelay1.frankfurt.postbank.de A- TLSv1, TLSv1.1, no TLSv1.3
Deutsche Bank smtp14.db.com:25 A- TLSv1, TLSv1.1, no TLSv1.3
dogado mx03.secure-mailgate.com:25 A- DMARC missing, TLSv1, TLSv1.1
digitalcourage mail.digitalcourage.de:25 A- TLSv1, TLSv1.1, no cipher preference, server supports client-initiated secure renegotiation
NASPA y01es.mail.s-web.de:25 A- SPF and DMARC missing, no TLSv1.3, server does not have cipher preference, server-initiated secure renegotiation
web.de mx-ha02.web.de:25 A- intermediate certificate missing, TLSv1, TLSv1.1, server-initiated secure renegotiation
Siemens thoth.sbs.de:25 B+ server sends an unnecessary root certificate, SPF and DMARC missing, TLSv1, TLSv1.1, no TLSv1.3, server does not support extended master secret, server supports client-initiated secure renegotiation
Google aspmx.l.google.com:25 B TLSv1, TLSv1.1, non-compliant with pci dss requirements
walkingtoweb mail.walkingtoweb.com:25 B- DMARC missing, TLSv1, TLSv1.1, 1024 bits DH
OVH mx1.ovh.net:25 B- server sends an unnecessary root certificate, TLSv1, TLSv1.1, no TLSv1.3, server supports client-initiated secure renegotiation
BKA bka.de:25 C+ cert untrusted, server sends an unnecessary root certificate, TLSv1, TLSv1.1
Uberspace mx1.uberspace.is:25 C+ server sends useless certificates, TLSv1, TLSv1.1, server supports client-initiated secure renegotiatio, no cipher preference
Mittwald mx1.agenturserver.de:25 C+ TLSv1, TLSv1.1, no TLSv1.3, DMARC missing, non-compliant with pci dss requirements, server supports client-initiated secure renegotiation
all-inkl.com w01b4bd8.kasserver.com C+ outdated OpenSSL version, no cipher preference, server supports client-initiated secure renegotiation
Honds mx1.honds.net:25 C+ DMARC missing, TLSv1, TLSv1.1, DKIM Testmode, Server sends useless certificates.
Alfahosting mail.alfahosting.de:25 C+ DMARC missing, TLSv1, TLSv1.1, no TLSv1.3, 1024 bits DH
Heise relay.heise.de:25 C+ Server sends useless certificates, DMARC missing, TLSv1, TLSv1.1no cipher preference
Bündnis 90/Die Grünen mgw01.net.de:25 C+ Server sends an unnecessary root certificate, DMARC missing, TLSv1, TLSv1.1
Hetzner mail.kultur-und-computer.de:25 C cert untrusted, SPF and DMARC missing, TLSv1, TLSv1.1
EFF mail2.eff.org:25 F TLSv1, TLSv1.1, no TLSv1.3
Commerzbank mail.commerzbank.com:25 F SSLv3, TLSv1, TLSv1.1, kein TLSv1.3, 1024 bits DH
Domainfactory mxdf.ispgateway.de:25 F server sends an unnecessary root certificate, DMARC missing, TLSv1, TLSv1.1, kein TLSv1.3
Minuskel mail.minuskel.de:25 F Server sends an unnecessary root certificate, DMARC missing, TLSv1, TLSv1.1, kein TLSv1.3
Webgo website.webgo.de:25 F TLSv1, TLSv1.1, kein TLSv1.3, 1024 bits DH, 1024 bits DH
Strato post.in.strato.de:25 F SPF mising, TLSv1, TLSv1.1, kein TLSv1.3, 1024 bits DH
Netcup smtp.netcup.net:25 F SPF + DMARC missing, SSLv3, POODLE, TLSv1, TLSv1.1, kein TLSv1.3,
wysiwyg* mail2.wysiwyg.de:25 F DMARC missing, TLSv1, TLSv1.1, kein TLSv1.3, SSLv3, POODLE,
Die Zeit mx1.zeit.c3s2.iphmx.com:25 F No certificates was sent by the server
SPD spdmail.spd.de:25 F DMARC missing, Server sends an unnecessary root certificate, TLSv1, TLSv1.1, kein TLSv1.3
CCC mail.ccc.de:25 F The certificate has been signed by an unknown Certificate Authority, SPF and DMARC missing, TLSv1, TLSv1.1, no cipher preference, server supports client-initiated secure renegotiation
Apple ma1-aaemail-dr-lapp02.apple.com:25 F Server sends an unnecessary root certificate, TLSv1, TLSv1.1, no TLSv1.3, no cipher preference, server supports client-initiated secure renegotiation
Steuerberater line1a.virus-defence.de:25 F Server sends useless certificates, DMARC missing, TLSv1, TLSv1.1, kein TLSv1.3, server does not have cipher preference, no tls_fallback_scsv, server supports client-initiated secure renegotiation
Sys4 mail.sys4.de:25 F TLSv1, TLSv1.1, kein TLSv1.3, no cipher preference, server supports client-initiated secure renegotiation
Tractel svrmail.e-tractel.com:25 F TLSv1, TLSv1.1, kein TLSv1.3, self signed cert, server supports client-initiated secure renegotiation
denkform mx0.denkform.net:25 F cert untrusted, TLSv1, TLSv1.1, no TLSv1.3, SPF and DMARC missing, non-compliant with pci dss requirements
  • server supports client-initiated secure renegotiation (CVE-2011-1473)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment