Dieses Thema wurde archiviert. Bitte stellen Sie eine neue Frage, wenn Sie Hilfe benötigen.
Why am I receiving multiple (7 or 8 at a time) requests to add a security exception for something I don't know I'm trying to access?
Alle Antworten (17)
Sorry, it's menu > Account Settings. Then click Server Settings. (See attached screenshot for reference.)
Can you attach a screenshot?
- use a compressed image type like PNG or JPG to save the screenshot
Cor-el: There's a screenshot on page one of this thread. jscher-2000: I've checked the account settings. There's nothing in there that I can see which would direct Thunderbird to try this server. The only place I found this address was in preferences>security>passwords. I deleted it from there (which should have deleted the password--yet Thunderbird is not asking for the password, only indicating that this certificate is out of date. Perhaps it checks the cert before trying to login). It seems to produce 5-7 alarms each time it tries to access this server.
jscher-2000: I've checked the account settings. There's nothing in there that I can see which would direct Thunderbird to try this server.
Do the settings match what your service provider's current/latest settings? The reason I'm harping on this is if they changed the server some time ago, they might let the certificate expire on the assumption that all of their customers must have updated their settings by now. We need to rule that out.
I just remembered that you can set up RSS feeds in Thunderbird, so you might check whether you have any of those configured (they would be further down the left column in Account Settings).
Thank you for all your thoughts on this! I'm not sure exactly how to check our service provider to see what the latest settings should be, but I keep thinking it must have to do with this particular computer, because nothing changed on either my Apple products that access these email accounts, or on an android product that is also using Thunderbird. Obviously, Thunderbird does not need to use this address on this computer, because after I eliminate all the alarms all the accounts can receive and send email; so it appears to be an action that we could just delete, if we only knew how. I could override the alarm with an exception, but I'm afraid this is what the address wants me to do; that is, perhaps this is some kind of hack and the user of this address wants me to login to their site.
Oh, does the problem appear only at startup, not every time you check mail? Okay, I have different thoughts in that case:
(1) Start Page setting
If you open
menu > Preferences
Thunderbird should display the General settings, and the first one is Thunderbird Start Page. Normally that's an address like
Does yours have something unexpected here?
If you open
menu > Add-ons and Themes
and then click Extensions in the left column, are any extensions listed on the right side?
This seemed promising, but in fact the startup page was the one you showed in your email, and we have no extensions. Under account settings for each account I turned off "check for mail at start up", "check for new messages every ...minutes", and "allow immediate server notifications" and the alarms kept coming.
Post information so we know what servers you are using.
- Menu app icon > Help > More Troubleshooting Information
- Under Mail and News Accounts
- Select everything, copy and paste into the forum question.
Do you have a website that is hosted by hostmonster ? Do you use an email provided by a company that has a website hosted by hostmonster ?
- Menu app icon > Preferences > Privacy & Security
- Scroll down to Certifcates at the bottom
- Click on 'Manage Certificates'
- Click on each tab in turn to see if there is any mention of hostmonster
Report on results - post an image to show info if you find anything.
What Anti-Virus product are you using because it could be the Anti-Virus which is having the problem and not Thunderbird?
Thanks for your post Toad-hall. To answer your questions: I don't own a website. I don't think I use an email account offered by a company using hostmonster website. However, I think I mentioned somewhere above, that at one point when this first happened I checked under preferences>saved logins and did find the hostmonster address as a login. So I deleted it. I cannot find the address anywhere else (including under "manage certificates"). I use Norton anti-virus.
Here is the info from the mail and news accounts: ID Incoming server Outgoing servers Name Connection security Authentication method Name Connection security Authentication method Default? account1 (imap) mobile.charter.net:993 SSL/TLS Normal password mobile.charter.net:587 SSL/TLS Normal password true account2 (none) Local Folders None Normal password account3 (imap) mobile.charter.net:993 SSL/TLS Normal password mobile.charter.net:587 SSL/TLS Normal password true account5 (imap) mail.harvardhistory.org:993 SSL/TLS Normal password mail.harvardhistory.org:465 SSL/TLS Normal password true
These are the results of dig queries for MX (mail server) records:
; <<>> DiG 9 <<>> @localhost harvardhistory.org MX ; (1 server found) ;; QUESTION SECTION: ;harvardhistory.org. IN MX ;; ANSWER SECTION: harvardhistory.org. 14081 IN MX 0 mail.harvardhistory.org. ; <<>> DiG 9 <<>> @localhost mail.harvardhistory.org MX ; (1 server found) ;; QUESTION SECTION: ;mail.harvardhistory.org. IN MX ;; AUTHORITY SECTION: harvardhistory.org. 300 IN SOA ns1.hostmonster.com. root.host2124.hostmonster.com. 2022022510 86400 7200 3600000 300
There's some connection there, but I don't know how to read it (SOA = Start of Authority).
Any idea how this connection is making Thunderbird try to access that address? What's making Thunderbird do that? If I delete that account it still creates these alerts. And my iPhone has no trouble accessing that same account (not using Thunderbird).
re :I don't think I use an email account offered by a company using hostmonster website.
AS jscher2000 mentions - It looks like you have an email address that accesses harvardhistory which is hosted by an organisation that uses hostmonster nameserves.
Located info: https://subdomainfinder.c99.nl/scans/2021-04-19/INC host2124.hostmonster.com IP: 126.96.36.199
Is used by: https://subdomainfinder.c99.nl/geoip/188.8.131.52 Organization: UNIFIEDLAYER-AS-1
So that explains the 'hostmonster' link.
re: I use Norton anti-virus.
I'm wondering if this is being caused by Norton. Please perform a test - To rule Norton out.... Start by switching off both incoming and outgoing scanning to see if there is any effect.
In Norton. click on 'Settings' Select 'Anti-virus' Select 'Scans & risks' 'Email Anti-Virus scan' - click on 'Configure' to open the 'Email Anti-Virus scan' window. Uncheck the 'scan incoming email messages' Uncheck the 'scan outgoing email messages' click on 'Apply' and 'OK'
Continue to run Thunderbird as normal and report back on whether switching off the Norton scan has stopped the security certificate prompt.
So I've figured out the problem, but not how to solve it. It's the calendar. I don't use the Thunderbird calendar, but apparently it is trying to sync with the addressed website. How can I turn this off?
This would not be the Thunderbird default Home Calendar. It does not synchronise with other calendars. It implies you have an additional calendar. In 'Calendar': Left pane = 'Calendar Pane' - should display a list of calendars. Look for an additional calendar - not 'Home' calendar Right click on calendar and select 'Unsubscribe calendar'
So I thought we had it here. I did not have an active calendar, but I had something checking for "tasks" apparently. So I deleted that. The synchronize button was still available to sync, though, so I disabled the "home" calendar as well; the sync button turned light gray and was no longer active, so I thought there would be no more syncing. And maybe there isn't from the calendar; however, the alerts are still coming (though they seem to have decreased somewhat in number). What else could Thunderbird be trying to sync? As I said, even if I remove the "harvardhistory" account there still seems to be syncing going on.
Harvardhistory.org is registered by FastDomains.com. The domain HarvardHistory.org however appears to be hosted at Hostmonster. as the IP address of mail.harvardhistory.org [184.108.40.206] resolves to host288.hostmonster.com [220.127.116.11] (the host number part will possibly change on each connection. They obviously have hundreds of servers given the number part.
Given your email address at harvardhistory is hosted on a server owned and operated by hostmoster. It would appear reasonable to simply allow the exception. Or change the mail settings to not use SSL/TLS as that is what prompts the exception request. But that has more risk than accepting the exception at this point I think, but would be permanent. I suggest you consult with whoever is responsible in the harvardhistory group on web hosting as to what settings you should be using, I actually doubt they expect SSL/TLS.
Thanks—I was thinking that this is the way to go. I still don’t know what in thunderbird is doing the checking, but accepting the exception seems safe. We’ll try it when I get back to that computer.