("TestSender") cannot tell your email system to "send us an email". If it could, think of the spam possibilities! So you will need to start by sending us an email.
See below for where to send the email and how to put your unique passcode on it.
For your convenience, this webpage gives you an option to automatically start the email with just a click.
Before usingyou may want to list CheckTLS.com in your list of allowed domains (whitelist us) so the report returns to you is not sent to your spam folder.
We cannot respond to Challenge-response email filters (e.g. SpamArrest, Support Sentry SpamBlock, iPermitMail) so you MUST manually allow mail from CheckTLS.com.
When running multipletests, you can add notes in the Subject: line. Just enclose your passcode in parenthesis and we'll find it. For example:
Subject: Test number 12 (my passcode here) on Tuesday
This passcode only works once. You can refresh this page to receive another one.
When you send an email to the special address listed below with your unique passcode,performs all the steps that Internet email systems go through to receive email. It records every command and byte of data that your system sends and every answer and byte of data that our system replies back. does actually receive your email, and it learns as much about your system as it can in the process.
Because CheckTLS focuses on security,tries to establish a secure (TLS) connection with your system. Along with recording everything, it looks at the security of the your system for things like: certificate contents and signers, encryption algorithms, key lengths, hostname mis-matches, weak cyphers, etc.
sends its results as a reply to the email you used to start the test. Results have very limited HTML formatting so you can read them on any email system.
The Results email shows details of the test and the complete communications log of the SMTP session. Various security items and any errors are highlighted so they are easy to find.
If you have them setup, the test also reports detailed information about Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC).
The reply email looks like:
From: CheckTLS Test Sender TLS <testsender@CheckTLS.com>
SUCCESSFUL CheckTLS/email/test From:
Your email was sent securely using TLS.
|Date:||2018-06-29 11:33:33 EDT|
|ClientCert:||Subject Name: /OU=Domain Control Validated/CN=*.checktls.com|
Issuer Name: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
|SPF_mfrom.Record:||v=spf1 a mx -all|
|SPF_mfrom:||pass: local="checktls.com: 188.8.131.52 is authorized to use 'checktls.com' in 'mfrom' identity (mechanism 'a' matched)"|
|SPF_helo:||none: local="www6.checktls.com: No applicable sender policy available"|
|DKIM:||pass: signature="@checktls.com" result="pass"|
(this email intentionally has limited formatting)
The transcript of the eMail SMTP session is below, with: --> this is a line from your email system to us (~~> when encrypted) <-- this is a line to your email system from us (<~~ when encrypted) === this is a line about the tls negotiation (cypher, cert, etc) *** this is an error, warning, or info line that the test found <-- 220 ts6.checktls.com ESMTP TestSender Fri, 29 Jun 2018 11:33:33 -0400 --> EHLO www6.CheckTLS.com <-- 250-ts6.checktls.com Hello www6.checktls.com [184.108.40.206], pleased to meet you <-- 250-ENHANCEDSTATUSCODES <-- 250-8BITMIME <-- 250-STARTTLS <-- 250 HELP --> STARTTLS <-- 220 Ready to start TLS ====tls negotiation successful (cypher: ECDHE-RSA-AES128-GCM-SHA256) client cert: Subject Name: /OU=Domain Control Validated/CN=*.checktls.com Issuer Name: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2 ~~> EHLO www6.CheckTLS.com <~~ 250-ts6.checktls.com Hello www6.checktls.com [220.127.116.11], pleased to meet you <~~ 250-ENHANCEDSTATUSCODES <~~ 250-8BITMIME <~~ 250 HELP ~~> MAIL From:<email@example.com> <~~ 250 Ok - mail from firstname.lastname@example.org ~~> RCPT To:<test@TestSender.CheckTLS.com> <~~ 250 Ok - recipient test@TestSender.CheckTLS.com ~~> DATA <~~ 354 Send data. End with CRLF.CRLF ~~> From: "Steve Shoemaker" <email@example.com> ~~> To: <test@TestSender.CheckTLS.com> ~~> Subject: password ~~> Date: Fri, 29 Jun 2018 11:32:31 -0400 ~~> ~~> This message is intentionally empty. ~~> . <~~ 250 Ok ~~> QUIT <~~ 221 ts6.checktls.com closing connection
Your test is setup.
Send an email to this address: test@TestSender.CheckTLS.com
Put this passcode in the Subject: 55uxu3y5a9xi7
To: test@TestSender.CheckTLS.com Subject: 55uxu3y5a9xi7 This is a test message.
Be sure to whitelist CheckTLS.com.
(Expecially if you use a Challenge-response email service.)
Our test results can look like SPAM and we get many bounced results. If your test result does not come to your email in a minute or two, you can check our logs for a bounce from your domain HERE.