
SMTP server connection fails
I am using a E-mail server that uses LetsEncrypt certificates. I was using Thunderbird 128 ESR without problems. When the certificate was updated, I was requested to confirm - then sending E-mails was possible. Now I have updated to Thunderbird 140 ESR. The E-Mail servers LetsEncrypt certificate was now updated but in Thunderbird I do not get any information about this, nor get I requested to check the new certificate. The SMTP connection just fails. The IMAP access to the E-mail server works fine. (IMAP and SMTP work both fine with K9-Mail on my mobile device)
How can I get Thunderbird to ask me again to check the updated certificate?
Modified
All Replies (10)
Hello there
Okay , that major update 128.esr is ignoring that certificate process (self signed ). Can you check for that date and time that is configured on that pc system?
You can ask thunderbird to create security exceptions?
Modified
The SMTP connection just fails.
What error message do you get? Make sure you're using the correct server settings. Is the Authentication method 'Encrypted password' really correct? Typically this would be set to 'Normal password'.
The IMAP access to the E-mail server works fine.
Assuming IMAP also uses TLS, that means your server cert works.
... in Thunderbird I do not get any information about this, nor get I requested to check the new certificate.
Thunderbird will only present an exception prompt in case something is wrong with a cert. There is nothing you can or need to do to 'check the new certificate'.
Hello there
Yes , after thunderbird s major updates to getting there newer versions of them , it can be that deleting and ignoring of self signed certificates permanently thought the system can be , and that system ain’t going to accept that certificates again without help. By pass manoeuvres are the in the past now and removed ,mostly you can find these nice subject s by major updates for Thunderbird.
https://support.mozilla.org/en-US/kb/how-to-make-screenshots
Modified
Thank you for your replys so far.
This is the translation of the error message I get: "Failed to send message. The message could not be sent because the connection to the SMTP server smtp.XXX.de failed. The server is either unavailable or is rejecting SMTP connections. Please check the SMTP server settings and try again."
Disabling Windows FW and the virus scanner did not help.
> Make sure you're using the correct server settings. Is the Authentication method 'Encrypted password' really > correct? Typically this would be set to 'Normal password'. Yes, 'Normal password' this was the original setting when using version 128 - I just played arround to get it running again and forgot to set the authentication method back ( 'Encrypted password' works with K9 on my phone)
> You can ask thunderbird to create security exceptions? I tried to do. but the servers certificat will be linked only to the IMAP port 443 - see attached screenshot.
Modified
I solved the problem: In the thunderbirds profile directory I found a file called cert_override.txt. I edited it (a comment in the file warns to do so) and replaced the port 443 stored there for the SMTP server to 465. That's it...
Modified
Hello there
Yes, certainly override certificate s is certainly that process of making exception for ssl/tls to bypass that system part or trusted certificates. The call for to go and create a new certificate was also not that difficult to on the end.
Using there tools had made that new certification in no time. I expected that the major update did removed it permanently from that piece of software. Thunderbird gave me good answers but it went solved in other ways , that might be good. I do like Thunderbird.
Greetings googlethunderbird.
Modified
Hello there
Override these older no more good certificates that went present after that big update of Thunderbird ain’t a good way to go further on that pc machine of you with these certs. Security risks are really there if it proceeds with that cert override technique. Possible security issues can and will arise if you proceed like that. Replacing that certificate by that trusted cert builder for that software is a better and good option for you’re system.
Greetings googlethunderbird.
Modified
I use a shared host for my web presence. The hoster takes care, that the LetsEncrype certificate is updated on regular base. As this LetsEncrypt certificate is for the hosts URL, but not for my personal URL the certificateis (though valid and actual) not accepted by Thunderbird. When I poll for new incoming mails via IMAP I get an Information about the URL mismatch and the posibility to check and accept the certificate manully. In Thunderbird 128esr I got the same dialogue when tying to send a mail after the certificate was updated - in Thunderbird 141 I don‘t get this dialogue allowimg manual certificatecheck. The connection just fails.
Also using a E-mail server that uses LetsEncrypt certificates. Recent update of Thunderbird 140.2 silently fails to connect to the server. Editing cert_override.txt does not work for me. Although in the certificate manager, adding security exception gives "valid" when testing https protocol. Wondering what to do with imap and snmp?
After the LetsEncrypt certificate was renewed, I had the Problem again. I could update the renewed certificate in Thunderbirds certificate mmanager, but again the certificat was entered only for the IMAP-port 443, but not for the SMTP-port 465. Manually overriding the port in cert_override.txt to the SMTP-port re-enables the SMTP again.
Modified