"Security Exception" warning when logging into ISP email?

Please post a screenshot of the exception prompt. https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem

What is your anti-virus software?

Is there anything I can do to make this exception "take?"

This is the wrong attitude. There is a reason why you do get the exception prompt, which usually indicates that there's a problem. Instead of working around the problem, you'll need to fix it.

Thanks for the reply.

AntiVirus is Avast (free version).

I don't see it as 'wrong attitude.' If there's a check box that says "Permanently store," and it's checked, then why doesn't it "permanently store?" As I said... don't offer me the option if it's just going to be ignored anyway. Why it's having a problem logging in is a whole separate issue from that one.

Apparently the image won't display inline, so it's attached.

Agreed that fixing the actual problem is the way to go. Seems lately I spend more time chasing issues (usually with Windows) than I do just using it. Is it my ISP? Is it TBird? Is it my antivirus? Further muddying the waters is the fact that other email clients (in Windows) don't have this same issue. Also, it doesn't show up when I'm running TBird in Linux. Makes it tough to know where to even begin!

Inspect the certificate - see the attached screenshot for instructions.

Who's the issuer of the cert? Please post a screenshot of the certificate viewer window with the cert details visible.

Okay... don't know what to tell you. The damned reply WILL NOT POST here, after several tries to do so. "OOPS... an error occurred. Administrators have already been notified" or some such.

Here's the text I've been trying to send, with no attachments:

Take Two: stupid site 'glitched' when I tried to post it, so here we go again:

The "View" button gave me a new tab that only showed the 'windows whirlygig' in the tab while it was trying to load; that's the "View" attachment.

The "Get" button changed the 'exception' pop-up window to say there was no data available; that's the "Get" attachment.

Closing the 'exception' window (using "x" in upper right) finally allowed the new tab to fill; there was more data displayed than the screen could show, so it's in two pieces; that's the "Cert1" and Cert2" attachments.

Saw a lot of Avast in the certificate, which surprised me; opened Avast and checked the exceptions section, and TBird is already listed as an exception (do not scan or protect) in there; that's the "A_Exception" attachment.

Hope these help!

I'm including a single attachment (Cert1); maybe the site doesn't like multiple attachments??

Okay... that must be the issue. I was trying to attach five files, and it kept bouncing out. This one with only a single attachment went through.

I'll try attaching two more to this one (Cert2 and A_Exception).

It takes two alright. I'll attach the other two. (the "Get" and "View" shots).

Hope you can still make sense of this, having had to spread it across three posts.... Sheesh, Mozilla!!

There are two issues here. 1. The cert returned to Thunderbird has been issued by Avast, and not by a regular Certificate Authority. That indicates that Avast is intercepting your secure connection to the server and injecting a certificate generated on the fly (the one you're seeing) because it's configured to scan encrypted connections. In addition it injected it's own root certificate into the Thunderbird certificate store, so that Thunderbird isn't complaining about a cert from an unknown issuer. It's also possible that you did this deliberately. In any case, this is basically the same tactic an attacker would use to trick you into connecting to a malicious server, also called man in the middle attack. What that means is Avast can also see your account password, which would normally transmitted to the server encrypted end-to-end. So I'd hope you do have a lot of faith in Avast.

2. As per your screenshot Thunderbird is trying to connect to mail.myfairpoint.net:110. Port 110 typically isn't used for secure connections, so you should check the server settings for the account. For reasons I don't know Avast returns a cert for *.carrierzone.com. So there's a mismatch, and hence you do get the 'Wrong Site' error from Thunderbird.

To prevent Avast from scanning secure connections see https://support.mozilla.org/en-US/kb/error-codes-secure-websites#w_avastavg

opened Avast and checked the exceptions section, and TBird is already listed as an exception (do not scan or protect) in there

Creating an exception for the Thunderbird program folder is completely useless. You'd need to create an exception for the Thunderbird profile folder. https://support.mozilla.org/en-US/kb/profiles-where-thunderbird-stores-user-data#w_how-to-find-your-profile

While creating an exception for the Thunderbird profile folder is a good idea, it's completely unrelated to your certificate problem.

For more possible Avast related problems with Thunderbird see https://wiki.mozilla.org/Thunderbird:Testing:Antivirus_Related_Performance_Issues#AVAST

Thanks so much for your help with this!

I can't believe I'm saying this... but I actually miss the old DOS days... Things were (relatively) simple; no apps sneakily insinuating their tendrils into everything. They don't *hide* it, but you have to be quite knowledgeable, and have a lot of time on your hands to ferret this stuff out.

Again, thanks for the information, education, and the links!!