Thunderbird Support Forum

I've installed Thunderbird on a new MacBook with macOS Monterey, and the application is not requesting permission to access the Mac's Contacts. As a result, the macOS Address Book is empty and cannot read my contacts on my Mac.

This issue was first raised two years ago in an issue that was identified as a bug and was subsequently fixed and closed. It appears this bug has reappeared.

What should happen is Thunderbird should generate a system request to ask the user to allow it to access "Contacts". This request never appears. When I look at my Mac's System Preferences, under Security & Privacy -> Contacts, there is no entry for Thunderbird. I can't manually add this; the app has to generate the request.

Looking at my console, I found the following warning when I started Thunderbird:

Refusing authorization request for service kTCCServiceAddressBook and subject Sub:{org.mozilla.thunderbird}Resp:{<TCCDProcess: identifier=org.mozilla.thunderbird, pid=9492, auid=501, euid=501, binary_path=/Applications/Thunderbird.app/Contents/MacOS/thunderbird>} without NSContactsUsageDescription key

This message was reported in the bug referenced above. I believe something has probably changed in the latest version of macOS which is causing Thunderbird to incorrectly request access to Contacts from the system.

Should I reopen the bug? Create a new bug? Please advise.

Thunderbird 91.3.1 macOS Monterey (12.0.1) MacBook Pro 2021

Regarding having correct settings for smtp server...After working fine for a couple of years, in May my Thunderbird email client starting getting an error when trying to send email, requiring having to wait and retry multiple times to get the email to send without getting the timeout error. I spent a lot of time in May to resolve without success, then a lot more time this month. I have tried several different settings for "Authentication method" and "Connection Security" The smtp settings specified by my email provider, WOW, either don't match the Thunderbird options, or result in error. A different set of settings I tried seem to work, as well as a variation of what a WOW rep emailed to me in May. However I wonder if either of these settings cause any security issues to be concerned about--that is my main question now, since sending email seems to be working fine again.

1) The other week I set smtp server settings to Authentication method: Normal password Connection Security: STARTTLS That has been working fine for a couple weeks without error. However since WOW says they don't support STARTTLS is that a problem to specify those settings?

2) What one WOW rep specified in May on a screen shot with a handwritten note: Authentication method: Normal password Connection Security: None However when I specify "Connection Security: None" the only option allowed for Authentication method is: "Password, transmitted insecurely." Email seems to work without error with those settings. However is "Password, transmitted insecurely" a problem? Or is that OK? (Transmitted Insecurely doesn't sound reassuring!)

In multiple calls and hours of time with my email provider, WOW, they say they don't have any information about what the settings should be for Thunderbird, and despite their efforts have not been very helpful. Attached is some information they have provided on different occasions, or from the web site. Screen shot -- Outgoing Server (SMTP) Settings Standard POP3 Server information Email Server Settings

I have 6 gmail accounts which until last Thursday were all working fine on Thunderbird. However, I received an email for my main account from google telling me that they were switching on 2 step authentication, whether I wanted it or not.

After that imap stopped working for this 1 account. So I logged out of google for this account, and logged in again, using 2 step via phone. Still not working.

So I checked all my Imap settings with googles instructions, updated from the default smtp server, and still nothing.

Went back to google, and found I could switch off 2 step verification which I did. Thunderbird now partially works. I can download emails but when I come to send or save as draft, I get the error message as shown.

Windows 10, Firefox 91.4.0 (64bit)

TYIA

I followed instructions posted on a TB fourm on how to generate an app password in order for my TB to work with AOL. I'm receiving mail in Thunderbird but can't send. I suspect that I may not have followed the instructions completely and would like to start over. Do I need to delete the AOL generated password on AOL and create a new one or just create a new one for the outgoing server? Would appreciate any help! JD

Hello, I received a Yubikey 5 and all is working fine using GPG with it, except integration with Thunderbird on Windows.

I followed this guide: https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards including 64 windows section

I was able to successfully send mail to myself, but then thunderbird failed at decrypting this message: Thunderbird is indicating that key is not available and I see no prompt from gpg-agent. Key is correctly declared as GPG external.

If I try to decrypt tis email by storing it on file and using gpg in command line, it works fine: agent is asking for Yubikey PIN and gpg is decrypting the message. But this is an awful workaround, not user friendly at all.

I also did sanity check by sending to myself a message encrypted with a key generated by Thunderbird: all is working fine, the message is decrypted within Thunderbird.

=> How do you make Thunderbird decrypt message encrypted with key stored in Yubikey? How do you make the gpg-agent called by thunderbird?

If I view an old mail, and if the remote contents are no longer available in the server, then I cannot know the contents. Whatif Thunderbird downloads the contents (when the email is downloaded) and includes them in message itself?

Gmail is going to require OAuth 2.0 sign-in SFAIK, that means I will no longer be able to access gmail with Thunderbird. Are there plans for Thunderbird to meet the OAuth 2.0 requirement?

The following Thunderbird error just started today for FOUR out of FIVE of my accounts. The error reads: "The stat command did not succeed. Error getting message number and sizes. Mail server pop.gmail.com responded. Invalid credentials." Connection Security is: SSL/TLS Authentication Method is: OAuth2 Nothing was changed in several weeks.

I saw this error was posted before but NO ONE solved the problem.

Please help.

I'm unable to add any of my Gmail accounts into Thunderbird.

When I add a Gmail account, it goes through the process of logging in via OAuth2 using the default configuration, and I get the pop-up. I enter my email address and password, and it brings me to the Google screen where I approve of giving access to Thunderbird (this screen: https://www.google.ca/search?q=google+account+permissions+screen+thudnerbird&tbm=isch&ved=2ahUKEwjtpY2M7I_3AhXHg3IEHaaPCOkQ2-cCegQIABAA&oq=google+account+permissions+screen+thudnerbird&gs_lcp=CgNpbWcQA1CVA1jjDmDED2gAcAB4AYABgwGIAbcJkgEDNi42mAEAoAEBqgELZ3dzLXdpei1pbWfAAQE&sclient=img&ei=jiFWYu2mCceHytMPpp-iyA4&bih=754&biw=1600#imgrc=ZNXSyYRJ67bY4M).

When I hit Allow, the pop-up closes, and then Thunderbird comes back with "Unable to log in at server. Probably wrong configuration, username or password."

I have no problem adding Gmail to other apps; it's only Thunderbird that is having this issue. I've already tried a fresh install on a fresh profile, but it continues to fail.

Hi there, I created a self signed certificate for use with sending and receiving emails. However, when I try to send or receive I get the following error message: "Unknown Identity" The certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature." When I click "Confirm Security Exception" it just hangs. On the server side the error is: fatal bad certificate. SSL alert number 42 any suggestions would be appreciated. Thanks

I've been running TB38/linux for a long time and have many extensions and .css entries. In order to comply with gmail's upcoming OAuth2 requirement, I just installed TB91 and copied over the contents of my TB38 profile into the newly-created profile.

Imagine my disgust to find that none of my .css entries (mostly involving fonts not dealt with in the preferences) and most of my extensions and colors are inoperative. I've been tweaking TB since it was Netscape .9 and appearance and LEGIBILITY (Arial bold) is really important for something that I use for many hours per day. Quite frankly, I hate this new version. If I have to I will use it in order to avoid losing my SORTED email going back to 1995, but I'll do it resentfully.

It has been my experience that with each update I lose something of value to me -- hence my stop at V38. What is the oldest version of Thunderbird/linux that will satisfy gmail's OAuth2 requirement?

I'm sure I'm not the only one wondering...

Hello!

After upgrading from a very old (but perfectly working) version of Thunderbird (24.3.0 on Windows 7) to 91.8.1 (on the same Windows 7 system), Thunderbird can no longer remember my passwords.

Apart from this everything in the new version works. Emails are retrieved fine when I enter the passwords manually.

Symptoms:

• always asks me for my passwords, even when I have checked the "Use Password Manager to remember this password" checkbox.
• no stored passwords show up in "Saved Passwords ..."
• When I try to set a primary password (I did not use one so far), I get an error "Unable to change Primary Password".

What I tried after searching for solutions:

• Remove files cert*.db and key*.db from my profile. Does not make any difference.

best regards

Edwin

Outgoing email includes the user-agent header. I would like to disable or modify the string for better security.

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0

Thanks...

This is my first post. But I have been reading and benefiting from all the expertise I have found here for many years! Thanks to all!

Trying to plan ahead for the Gmail OAUTH2 change, I upgraded to Tbird 91.9.0.

My Account Settings all transferred to the new version. I do have multi Gmail accounts, as well as other email accounts, but from other posts here, this should matter.

While I am a long term Tbird user, I am a newbie with OAUTH2. I can't seem to connect. So I am writing here for help!

My setup: - Dell notebook running W10 - internet connection strong - am using a Netgear Nighthawk Hotspot Router, which works great with

    everything else, so I really doubt that is an issue

- testing without a firewall; running McAfee - resetting Tbird account back to "Normal Password", then Gmail connects

Incoming Server set to IMAP: imap.gmail.com:993 w SSL/TLS and OAuth2 Outgoing: smtp.gmail.com:465 w SSL/TLS and OAuth2

I have been consistently testing with the same gmail account: - YES, I know my password; it works with both the Gmail web interface,

   or after going back to "Normal Password" instead of OAUTH2

- allow any Alert emails via Gmail Web Interface, repeatedly. - Ran Captcha ... many times! In case someone else reading here needs this, it is here: https://accounts.google.com/b/0/DisplayUnlockCaptcha and you must be logged into the Gmail Web Interface when running this. I have learned to take a pause after running this, for it do its thing.

If Toad-Hall is reading this, I found your list of steps here very helpful: https://support.mozilla.org/en-US/questions/1375558 Worth repeating for others who are struggling, like me.

As recommended here: https://support.mozilla.org/en-US/questions/1373706 Cookies: all cleared Remembered Passwords: all cleared

Also looked at this: https://support.mozilla.org/en-US/questions/1375702 Originally, my cookies WERE blocked. I did need to change my Web Content as recommended in this post:

   Selected: Remember web sites and links I've visited
   Selected: Accept cookies from sites
   Accept third-party cookies: Always
   Keep until : they expire
   Not selected: 'Send web sites 'Do not track'..... 

Also: In Privacy and Security -> Web content -> Exceptions, added: https://accounts.google.com set to 'Allow' and Saved Changes. Then exit Tbird, took a short pause, started Tbird again, per the advice to properly update the files.

Should I be doing BOTH of these? This post shows options: https://support.mozilla.org/en-US/kb/automatic-conversion-google-mail-accounts-oauth20 So if I Select to accept cookies, should I also set the Exception??? I have tested various combinations of these settings, but not seeing a cookie.

In Tbird, when testing to connect, I see:

"Sign in with your Google Account" Enter my account password (I see an error msg here when I typo the password, no error when entered correctly) Also, have checked "Stay Signed In" while trying to Authorize, as recommended. then click Allow on the second screen.

After a few seconds, keep seeing popup in lower right corner of screen: "Authentication failure while connecting to server imap.gmail.com" Sometimes, this msg does not popup, which seems odd to me, but it still fails: Cookies: still empty Password: still empty

I keep updating and reading and updating the setups and testing again, but no cookies for me!

I admit I have gotten off track, testing and reading posts:

Thought my problem might involve Certificates for a while, but now do not think OAUTH2 is using Certificates. Right?

Thought for a bit it might be Javascript disabled, but I am NOT seeing the popup window that shows this error, from this post: https://support.mozilla.org/en-US/questions/1373379 refers to: https://support.mozilla.org/en-US/questions/1286410 Did find my way to Config editor: https://support.mozilla.org/en-US/questions/1349136 Followed this advice: "Click the 3-bar menu icon, Preferences, and find Config. editor at the bottom of the General section. Or, type editor in the search box at the top of Preferences." Then searched for "Javascript" and found most of settings were true, like javascript.enabled is "true". Should everything that a search for javascript finds be set to true? Since I do not see the error msg, I believe this is not my problem.

Stans posted another helpful summary here: https://support.mozilla.org/en-US/questions/1375538 "After you've changed your accounts to OAuth2, delete all records of your Google Account passwords from Thunderbird's password vault (Saved Passwords). With OAuth2, your passwords are not stored by Tbird. Instead, an OAuth2 token (a long string of meaningless characters) is stored in the password field. That's what you should see after completing the OAuth2 process for each of your accounts. You have to do it twice, once for incoming and once for outgoing server. Also, you must allow cookies in Thunderbird's Preferences, otherwise it won't work."

If I am following this correctly, after testing to try and authenticate, I should see a Cookie and a Saved Password being created but they are not.

Think this is my problem!

In Gmail web interface, I am not sure of some settings:

In Manage Your Google Account -> Security:

1. Should Sign-in 2-step verification be on/off? (its off) 2. Third Party apps w access shows Tbird (think this is new, don't recall it before) 3. Allow Less Secure App: turn off (was On for normal pswd; either way fails w OAUTH2) (think I have tested all combinations of the above, with no success) I welcome suggestions on how I should set these to connect with OAUTH2.

I feel like I am getting close here, but I am stuck. Is there anything else, maybe something I have not heard about, like Captcha, that I should try?

Have I missed a setting somewhere? Suggestions???

Meadowlark13

I can't login on one email address to my gmail via thunderbird because the key seems to be unrecognized whereas when I log in to the same account using web browser it works effortlessly. Moreover installing a new instance of thunderbird or disabling Kaspersky Internet Security doesn't work either.

I can still login to the previously made google accounts via thunderbird on fresh install though I cannot do the same for the email in question.

Any hints?

The image I shared shows that the key is unrecognized by the website although it is. It displays for each of 3 keys added to this account. On website all of them works as well for other email accounts on gmail via thunderbird.

My organization uses Google Workspaces/GSuite, and my supervisor needs about forty mailboxes on his laptop (macOS Monterey). These are accessed through POP, with OAuth2 authentication.

Previously, when one of these OAuth tokens expired or otherwise became invalid, attempting to check mail on that account would pop up the Google authentication page. Now, it just produces an error message ("The STAT command did not succeed .. Invalid credentials"). In order to re-authenticate to the account, I have to manually go into saved passwords and delete the invalid OAuth token. At that point, attempting to check the mailbox will pop up the authentication page.

Is there a way to make it so that, if Google's server replies with "Invalid credentials", Thunderbird will pop up the authentication page automatically, rather than requiring me to manually delete the invalid token? I searched Config Editor, but didn't see anything obvious.

Thank you for your time.

Hello. I have deleted all messages from one email (sent and received). The problem is, when I type the email in search system, there is still one (sent) message but it's invisible and I can't find it in any folder. How can I delete that one message? For further details, ask me here.