diff --git a/MailKit/MailService.cs b/MailKit/MailService.cs
index 872bd25ae9..e9026c3c45 100644
--- a/MailKit/MailService.cs
+++ b/MailKit/MailService.cs
@@ -420,7 +420,7 @@ protected MailService () : this (new NullProtocolLogger ())
 		const string OutlookCertificateIssuer = "CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US";
 		const string YahooCertificateIssuer = "CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US";
 		const string GmxDotComCertificateIssuer = "CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US";
-		const string GmxDotNetCertificateIssuer = "CN=TeleSec ServerPass Extended Validation Class 3 CA, STREET=Untere Industriestr. 20, L=Netphen, PostalCode=57250, S=Nordrhein Westfalen, OU=T-Systems Trust Center, O=T-Systems International GmbH, C=DE";
+		const string GmxDotNetCertificateIssuer = "CN=Telekom Security ServerID OV Class 2 CA, O=Deutsche Telekom Security GmbH, C=DE";
 
 		// Note: This method auto-generated by https://gist.github.com/jstedfast/7cd36a51cee740ed84b18435106eaea5
 		internal static bool IsKnownMailServerCertificate (X509Certificate2 certificate)
@@ -434,32 +434,32 @@ internal static bool IsKnownMailServerCertificate (X509Certificate2 certificate)
 			case "imap.gmail.com":
 				switch (issuer) {
 				case GMailCertificateIssuer:
-					return (serial == "34B84EF11142CF4512D41976BF659B41" && fingerprint == "ABF1B02CBF92482FE1640E8EAD4C9CE0C8BD8573") // Expires 4/3/2023 4:18:36 AM
-						|| (serial == "458817FC181DDE2E1288AD51CE2798BF" && fingerprint == "EF88E9EDB9B15EBD8498D037EAD8CF15F11A7492") // Expires 5/3/2023 12:35:52 AM
+					return (serial == "458817FC181DDE2E1288AD51CE2798BF" && fingerprint == "EF88E9EDB9B15EBD8498D037EAD8CF15F11A7492") // Expires 5/3/2023 12:35:52 AM
 						|| (serial == "00F525194DBA81A0BC12DBDFD903F44F0D" && fingerprint == "75F1EB098EEC6BB570485A402459B846B3052C11") // Expires 5/25/2023 12:22:22 AM
 						|| (serial == "00FEE43FD6309636060A4AD4B318B8C16C" && fingerprint == "066B11204F056D87E98F360BF8C6EB40E0DE330A") // Expires 5/29/2023 4:18:40 AM
-						|| (serial == "009FC10C683787F097120487B0ABA44DDB" && fingerprint == "ED4584589E119A0E0DD0AD316B64447AAA30230A"); // Expires 6/5/2023 4:24:27 AM
+						|| (serial == "009FC10C683787F097120487B0ABA44DDB" && fingerprint == "ED4584589E119A0E0DD0AD316B64447AAA30230A") // Expires 6/5/2023 4:24:27 AM
+						|| (serial == "3908DE525CAE808512B5BBCAFDE7EE1A" && fingerprint == "682C6386DC5B328504FE1AB4B8F9B7638C351CD7"); // Expires 6/12/2023 4:25:47 AM
 				default:
 					return false;
 				}
 			case "pop.gmail.com":
 				switch (issuer) {
 				case GMailCertificateIssuer:
-					return (serial == "064F13D6F20B4C140AA426791CCA36CB" && fingerprint == "4C3B78DD1078069E257E717513BF3E246DDA45E0") // Expires 4/3/2023 4:18:36 AM
-						|| (serial == "00946E3F84703BE4690A12491232CD7DF9" && fingerprint == "5C1376C19F1A6FB6DAAE4393D2919134573CADDE") // Expires 5/3/2023 12:35:52 AM
+					return (serial == "00946E3F84703BE4690A12491232CD7DF9" && fingerprint == "5C1376C19F1A6FB6DAAE4393D2919134573CADDE") // Expires 5/3/2023 12:35:52 AM
 						|| (serial == "0BFA6B98977EA55912F4440ADE1B9320" && fingerprint == "20B6444B3A195C499B2BD27FB1C1BE01814D1A01") // Expires 5/25/2023 12:22:22 AM
-						|| (serial == "0080AFBC7CE1AA7E3A0AE5E74E9932198A" && fingerprint == "4671CBEE08E4EC02ADAB1612E9E2399C8AD6BDE7"); // Expires 6/5/2023 4:24:27 AM
+						|| (serial == "0080AFBC7CE1AA7E3A0AE5E74E9932198A" && fingerprint == "4671CBEE08E4EC02ADAB1612E9E2399C8AD6BDE7") // Expires 6/5/2023 4:24:27 AM
+						|| (serial == "7E15A8232FA0B7C812A8481356EF83CB" && fingerprint == "BC39E3D6C9E030EBC31BD27F44417EC9C7D9D2B2"); // Expires 6/12/2023 4:25:18 AM
 				default:
 					return false;
 				}
 			case "smtp.gmail.com":
 				switch (issuer) {
 				case GMailCertificateIssuer:
-					return (serial == "00A7342694B906B4FE0A3683770F0FE5A7" && fingerprint == "23D7F12451BE47686D2A2C2837A88E1A5341F970") // Expires 4/3/2023 4:18:38 AM
-						|| (serial == "00F84964E523B1ADD80A85F5DBDFB8118A" && fingerprint == "7923264A11C9BB7C8F477A2E71FEC8449E56B192") // Expires 5/3/2023 12:35:53 AM
+					return (serial == "00F84964E523B1ADD80A85F5DBDFB8118A" && fingerprint == "7923264A11C9BB7C8F477A2E71FEC8449E56B192") // Expires 5/3/2023 12:35:53 AM
 						|| (serial == "00BB686207476F3BA30AAA3FE14DF58FAC" && fingerprint == "B3FBFA39091768512BC42B9C0C71809E3309553B") // Expires 5/25/2023 12:22:23 AM
 						|| (serial == "00C77F6452EE58300D0A7B26762C25E8D9" && fingerprint == "D0CCFF4213BB7400D5A2B7B184B6F49D6BB62073") // Expires 5/29/2023 4:18:41 AM
-						|| (serial == "398C567803CB133012472B8BF7B40BF8" && fingerprint == "75C1109F345A53DE907205D19F25C32DB7826CAC"); // Expires 6/5/2023 4:25:01 AM
+						|| (serial == "398C567803CB133012472B8BF7B40BF8" && fingerprint == "75C1109F345A53DE907205D19F25C32DB7826CAC") // Expires 6/5/2023 4:25:01 AM
+						|| (serial == "00CD3052AB7BC0657A0A59F086E51DEB86" && fingerprint == "45DCA54E4F370C4DDB2D1197E6FB3F26B85921DB"); // Expires 6/12/2023 4:25:16 AM
 				default:
 					return false;
 				}
@@ -519,7 +519,7 @@ internal static bool IsKnownMailServerCertificate (X509Certificate2 certificate)
 			case "mail.gmx.com":
 				return issuer == GmxDotComCertificateIssuer && serial == "0EDED5E9A1A4A38F6C948BC1AAAF3461" && fingerprint == "7BC2F2DE446AEF4B5BDFEC6B600ADCB08D7FCE3F"; // Expires 6/4/2023 7:59:59 PM
 			case "mail.gmx.net":
-				return issuer == GmxDotNetCertificateIssuer && serial == "2C4EDAA6BFC3F4853DE57BBA2B2D0354" && fingerprint == "96267DA3F4D9CF4710E9C775D45DE75991D798D4"; // Expires 4/9/2023 7:59:59 PM
+				return issuer == GmxDotNetCertificateIssuer && serial == "1B5D6F9F484B823DB686F1390AA98203" && fingerprint == "BFA54061C313A2958873C99ADEA0C8857B5EC361"; // Expires 4/1/2024 7:59:59 PM
 			default:
 				return false;
 			}