Forum der Gemeinschaft Thunderbird

Guten Tag, ich habe soeben eine einmalige Spende überwiesen. Wahrscheinlich hat die Überweisung per Kreditkare funktioniert. Dabei wunderte mich, dass ich, obwohl ich bei meiner Bank die 2-Faktor-Authentifizierung aktiviert habe, meine Banking-Sicherheit-App keine Bestätigung verlangte. Bei andern Überweisungen auf diversen Webseiten funktionierte das stets. Unterstützt Thunderbird Mozilla die 2-Faktor-Identifizierung nicht? Das wäre schade. Und ich habe keine Gefühl dabei.

Mit freundlichem Gruß Michael Mintel

I'm happy to have been donating a little something each month for a while now. I forget where I set this up. However, the email address they are using to send me a thank you to, is out of date and I don't know where to change it.

Hello,

I am using the latest stable release of Thunderbird client on Windows 11 and just today it's been asking me multiple times for a password to my Outlook account. I have kept adding a one time app password through the official Microsoft website under account management but it's been asking a few times that it needs a password.

Do you know if there's been any outages to the Microsoft servers or what this issue could be related to? Is there a way I can send any logs directly to you that might help find the issue?

Thank you for your time.

Received email from Telstra "From 30 January 2024, Telstra will stop allowing any emails to be sent from unauthenticated email addresses. Put simply, emails won’t be sent if your security settings aren’t configured to validate your username and password before the email is sent. From our records you are currently sending unauthenticated emails from........." "What’s next? To continue to send email, you will need to update your security settings for each device that you use to check and send emails https://www.telstra.com.au/support/email/unauthenticated-traffic-limit "

Unfortunetly this link does not give instructions for Thunderbird. Contacted Telstra support and they said to contact Thunderbird support.

Screen shot of current settings attached. Have been getting the following message when sending multiple emails - "Reference: 451-4.5.3. OB315 Unauthenticated traffic limit met."

Can someone help with this. Thanks in advance.

I've appreciated using Thunderbird for an ad-free Hotmail experience for quite some time. I've changed my Hotmail password every few weeks lately and Thunderbird worked fine when I entered the new password at the prompt when Thunderbird started.

Just now however, I needed to get into my Microsoft account that uses the same password as my Hotmail account. My login to Microsoft failed. Trying to understand why, I looked in Thunderbird at the saved password for Hotmail's server:

oauth://login.microsoftonline.com (https://outlook.office.com/IMAP.AccessAsUser.All

https://outlook.office.com/POP.AccessAsUser.All 
https://outlook.office.com/SMTP.Send offline_access)

The saved password was a 464 character long ASCII string totally irrelevant to the password I'd selected for Hotmail and Microsoft.

I went through the password change process for Hotmail, was then able to get into my Microsoft account and restarted Thunderbird. As usual, Thunderbird asked for the new password. I entered it and was then able to receive new mail from the Hotmail server in Thunderbird. However, again, the saved password in Thunderbird for Hotmail was not the password I'd entered.

Next, I deleted the saved passwords in Thunderbird, restarted it and this time it prompted me to be sure I'd downloaded it from a reliable source. I've never seen that prompt before. It came with my Linux Mint installation, so I thought it would be safe, but again there's an irrelevant password saved for my Hotmail account.

It's like it eventually changes my password for Hotmail and Microsoft since I can get mail through Thunderbird with the odd password it saves, but if I use what should be my password for Hotmail or my Microsoft account via a web page interface, the password doesn't work.

I'll have to stop using Thunderbird if this continues.

I use Thunderbird 115.12.2 (64-bit) with Hotmail, using a local account on Windows 10. Microsoft is introducing 'modern authentication' on Hotmail, and I want to be ready for this, but I cannot follow the guidance at https://support.microsoft.com/en-gb/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d

If I try to alter my existing Thunderbird Account Settings for my Hotmail account, the authentication method for Outgoing Server (SMTP) is shown as Normal Password but there is no option to change it to OAuth2. If I delete and recreate my Hotmail account in Thunderbird, I get an error message from Microsoft saying that I cannot log in because my browser is not set to allow cookies -- even though I believe I have set both Thunderbird and Firefox (my default browser) to allow cookies.

Hello,

I have been using Thunderbird for years to collect all emails in one place with out issue. In the last few days authentication has started failing. It started on one gmail account prompting for a password. When I enter the password it is rejected. A second GMail account is now doing the same and one of my Yahoo accounts is now doing it too.

I can still access the accounts on my phone using Oauth2.

Nothing I have tried fixes it. I am in danger of losing access to all my of my email accounts on windows.

What is going wrong?

Microsoft tell me that I must use OAuth2 for my accounts, else I'll be locked out.

Server is imap-mail.outlook.com. If I select OAuth2, then I can't receive emails unless I reset back to Normal Password.

I'm also supposed to set my SMTP server (smtp-mail.outlook.com) to OAuth2, but this isn't an option on the drop down list.

Help, please!

From Sept-16-2024 Microsoft will deprecate Normal Password and require OAuth2 authentication on its email accounts accessed from Thunderbird and other clients.

I'm trying to convert my hotmail accounts on Thunderbird to OAuth2 authentication.

Server Settings Authentication can be set to OAuth2 because OAuth2 is an option in that menu.

But SMTP Server Authentication cannot be set to OAuth2 because OAuth2 is not an option in that menu.

Both Connection Security methods ( Inbound and SMTP ), are set to STARTTLS.

See screenshots, thank you.

In addendum to the below: I am now up to TB v 121.0.1 and still have this issue of untrusted S/MIME signatures from DoD sources. As I also have a DoD email, I can send myself test messages. If I send an unencrypted message from my DoD email in reply to to an S/MIME signed message from TB, I get the behavior described below in the original post, where my DoD S/MIME signature is not valid. If I reply to the same signed TB email with an encrypted message from my DoD email, TB decrypts the message but still says my signature is not valid. However, the "invalid" message is slightly different with an additional clue - the message states that "This message includes a digital signature, but the signature is invalid. The message was signed using an encryption strength that this version of your software does not support." See snips 4 (error)+ 5 (successful decryption) below. Is it possible that the newer signature certificates from DoD use an encryption strength that cannot be decrypted by TB, yet the message encryption works? Another clue is that it appears I can send encrypted emails to some DoD recipients (but not all) even if their signature is invalid.

Original Post: I have received a signed email from a DoD sender in TB v115.5.1. The S/MIME icon states the Digital Signature is Not Valid (png below), consequently, the cert was not imported into the TB Certificate Manager. I have updated the DoD Root Certificates, and ensured that the most commonly used DoD Root certs and Email certs have trust settings that identify web sites and mail users (add'l png examples). I cannot examine the cert I received in TB, although I seem to recall I could by clicking on the icon in earlier versions of TB.

How can I: 1) Identify the certificate authorities for the invalid cert to ensure they are trusted? 2) Examine and import the certificate from the user? This is not unique to a single user, it happens with DoD emails whose certs were not already in my Certificate Manager, and the organization I commonly communicate with is changing everyone's email, so everyone is getting new certs. This prevents me from sending encrypted emails to the recipients.

Hello,

All of a sudden, this morning, my Thunderbird (102.12.0) will not sync my Office365 account's inbox via IMAP. I get the error message that

The current command did not succeed. The mail server for account [my university account] responded: User is authenticated but not connected.

A couple of seconds later, the above message is replaced by:

Server outlook.office365.com has disconnected. The server may have gone down or there may be a network problem.

The problem occurs on my laptop and on my desktop. I am sure all my settings are correct. I have read the entire thread here: https://answers.microsoft.com/en-us/outlook_com/forum/all/thunderbird-imap-responded-user-is-authenticated/062a82f6-e678-4462-88b7-dd6cc318386f

I have disabled IPV6 as instructed in the preferred answer: advanced config > network.dns.disableIPv6 = true.

I have also added network.dns.ipv4OnlyDomains = office365.com (I also tried outlook.office365.com).

I am using Kaspersky One antivirus. When I installed it, I had to add Outlook in the trusted addresses, as it wouldn't let me send email, but after I did, Thunderbird was again working as expected (this was two months ago). I am adding this detail just in case it is somehow relevant.

I am not sure when Thunderbird updated to 102.12.0 or if this is in any way related to the problem.

Meanwhile, I can sync incoming mail in my Gmail app on Android. I saw that the IMAP setting there uses port 443 instead of 993. When I tried setting 443 in Thunderbird, it simply took too long to connect to the server and timed out.

I don't know what else to try. Hopefully, you can think of a solution.

Microsoft sent email last night announcing the end of "Normal Password" for Hotmail, and warning that Hotmail would REQUIRE "modern authrentication" beginning 9/16. I have personal desktop subscription to Microsoft 365. I have set Microsoft account to 2FA and checked in Tbird that cookies are enabled.

I have spent hours and days trying & failing. With server imap-mail.outlook.com using OAUTH2, Thunderbird won't sync and shows message saying that server doesn't support the authentication protocol please enter another one. With 2FA still turned on and using Normal Password setting and entering an App Password from Microsoft, the Imap connection is fine about 85% of the time, needing re-entry of the App password about once a day or so (usually requires several tries until App Password gets accepted.)

The 0AUTH2 fails with Norton Smart Firewall turned Off or Turned On-makes no difference.

(Sending email with Outlook and 0AUTH2 DOES work okay.)

I've also tried Imap connection with a different server: Outlook.office365.com, using 0AUTH2.

In this case, Tbird shows me a Timeout error and never makes an Imap connection to the server.  

I've been limping along with the app password, and "normal password" authentication, but now Microsoft announces they will stop accepting connections that are not 0Auth2 ("modern authentication") from Tbird or any other software after 9/16. The clock is ticking. I've tried every remedy I've seen online from Tbird or from Microsoft. Nothing has yet allowed a QAUTH connection for Tbird to a hotmail IMAP server. Please help! !

I have received an email from Microsoft informing me of changes to its authentification procedure. As from Sept, to continue using Thunderbird to access my outlook/hotmail accounts, I have to change the authentification method to Oauth2. The reasons and changes required are detailed here: https://support.mozilla.org/en-US/kb/microsoft-oauth-authentication-and-thunderbird-202 I have 2 problems. 1. imap-mail.outlook.com - I can change my authentification method to Oauth2. However, when I then try to access my mail via TB, I get an error stating that the server imap-mail.outlook.com does not support the authentification method! (see image) 2. Outgoing Server SMTP There is no Oauth2 option available to choose!

Can anyone help? I am using the most up to date version of Thunderbird 115.12.2 (64-bit).

While using Thunderbird, it mysteriously stopped connecting to Yahoo Mail. This happens every few years and I think it's related to Oauth2 credentials.

I generated a new secure mail key and copied it into Thunderbird but that didn't work. So then I checked online, and one of the steps in the Thunderbird instructions is: "Select 'Server Settings' for mail account; Set incoming server 'Authentication Method' to 'Oauth2'; Click on 'OK' ". But Oauth2 isn't one of the options. The choices are normal password, encrypted password, Kerberos/GSSAPI, and NTLM.

I'm using POP. Tbird version 115.11.1.

I have just completely reinstalled Thunderbird v115.11.1 after uninstalling the previous installation. There are two problems, possibly linked to a faulty or missing setting.

Remote images will not display, even after specifically enabling remote images for each email, or after turning on "display remote content" as a default. Also it claims there is a potential security threat with Thunderbird's own web addresses: "live.thunderbird.net." and "addons.thunderbird.net.".

I have attached screen-shots of the error messages, and of a thunderbird email that fails to display its images.

My wife & I have the same PCs running Windows 10 & Thunderbird 115.11.0 (32bit).

We have a hosted web-site that also supports email, and we each have an email account (eg neddy@goon.com.au & minnie@goon.com.au). I've checked that both our POP server configurations are identical but despite that about once a week minnie@goon.com.au receives a warning to add security exception but neddy doesn't. This started happening two weeks ago after a years error free running.

The host has checked that goon.com.au has a valid SSL certificate, so what could be causing the discrepancy and how do I set about fixing it please?

Hello,

Ive installed a MIME-certificate from Sectigo in Thunderbird 115.6.1 on Pop OS (flatpak).

The cert is in a pw-protected .p12-file which I have imported successfully. However when I try to sign emails I get the error-message shown in the first attached image. That the application cant find my cert or that it has expired. Both statements are incorrect imo :)

In attached image 2 and 3 it shows that the application has imported the cert and that its valid until 2025.

Any tips or input is helpful.

Also under Security Devices I have a PKCS#11 module that I have logged in to, but I dont see how that could affect PKCS#12 certs but I read in some guide that I had to do that. Which also apparently mean that master password is set for protecting credentials in the application, so I have to provide that password when opening Tunderbird.

I would like to change my account settings for my hotmail account, but when I try to change from Normal Password under Outgoing Server (SMTP) there is no option for Oauth. Is there something I can do to enable this option.