POP3 accounts can no more connect to related server after each Thunderbird software update
Hello, Each time a new release comes (102.4.2 actually) and I accept the upgrade, the problem reappears : it is impossible to load any mail from previously configured POP3 server (gmail or others). It is also impossible to send emails with previously configured SMTP server. In this case, the only solution I've found consists of:
- creating a new profile. - configure POP3 and SMTP accounts, which now works (!). - transfer emails and abooks from old profile to the new one.
The profile corruption occurs during upgrade process and I think that the bug is located in this upgrade process. This is not related to a wrong security configuration or wrong password. Notice that the problem occurs on two PCs on two different locations. The common point to both these installations is that the profile is located on a NAS rather than on the default directory... I've not tried to perform a software update with the default directory. Thank you for your help. C. Capel
All Replies (16)
Hello
do you have set the profile with an UNC ? it may be that the upgrade is not supporting this (it would be a software limitation of course). If yes, try to connect permanently a network drive instead.
Unrelated: if you are doing this kind of configuration to be able to launch Thunderbird with the same profile on 2 different computers, in my opinion, this kind of setup is dangerous because you may launch Thunderbird on 2 computers at the same time and it would corrupt lot of things.
Hello, Thank you for your answer. I use drive mapping of the NAS partition. So it appears to Thunderbird as a drive letter followed by a path (UNC). I'm not using this to access it from 2 computers. It is just a way to free the local drive space and to protect email database with RAID6 scheme. Each PC has its specific area on the NAS. Best regards
It may be a problem with file locking on the NAS. Usually Windows type access on NAS is done with Samba, that is very tricky to configure. I have seen 'marginal' function like Windows backup failing with a NAS type and working fine with another (more ancient !), later fixed by an upgrade to the recent NAS. So, maybe try to refuse upgrade when from inside Thunderbird, exit Thunderbird and upgrade with a standard package downloaded directly.
Another possibility could be that really the profile is in use by another computer while upgrading. In this case it would not be a problem with the NAS...
Hello gp, I'll try your suggestion on the next update (using standard package). For the last remark, I'm sure there is no other computer accessing this profile. Thank you for your help
Hello gp, I've used a standard package for a new test... Problem still occurs.
There is always the possibility to debug the problem with the error console.
Enable for example mailnews.smtp.loglevel to 'All' (validate with the checkmark), then try to send a mail, and look at the error console (Tools / Developer tools). If what happens is not clear, post the result here.
Here is the console exportation for a faulty mail loading transaction with a gmail account (the problem is the same with other accounts) :
NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200
decrypt resource://gre/modules/crypto-SDR.js:200 _decryptLogins resource://gre/modules/storage-json.js:846 findLogins resource://gre/modules/storage-json.js:705 findLogins resource://gre/modules/LoginManager.jsm:513 get refreshToken resource:///modules/OAuth2Module.jsm:122 get resource:///modules/OAuth2Module.jsm:112 connect resource:///modules/OAuth2.jsm:74 onPromptAuthAvailable resource:///modules/OAuth2Module.jsm:182 onPromptStartAsync resource:///modules/OAuth2Module.jsm:178 _promiseAuthPrompt resource:///modules/MsgAsyncPrompter.jsm:54 _promiseAuthPrompt resource:///modules/MsgAsyncPrompter.jsm:52 run resource:///modules/MsgAsyncPrompter.jsm:77 AsyncFunctionNext self-hosted:632
NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 2 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 Not showing popup notification password with the message Enregistrer l’identifiant pour google.com ? browserRequest.js:12:13 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 2 OAuth2.jsm:171 Certains cookies utilisent incorrectement l’attribut recommandé « SameSite » 10 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 GEThttp://localhost/?code=4/0ARtbsJoz6MNLpUy9I_56nBCJHTbRESOt_B4D1lbAsQICXS320jHqlgF3GAqT-uecAJjiUA&scope=https://mail.google.com/+https://www.googleapis.com/auth/carddav+https://www.googleapis.com/auth/calendar NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 XHRPOSThttps://www.googleapis.com/oauth2/v3/token [HTTP/2 200 OK 244ms]
Échec du chargement pour l’élément <script> dont la source est « chrome://global/content/netError.js ». neterror:128:4 POSThttp://ocsp.pki.goog/gts1c3 [HTTP/1.1 200 OK 43ms]
NS_ERROR_FAILURE: Couldn't decrypt string 4 crypto-SDR.js:200 NS_ERROR_FAILURE: Couldn't decrypt string 4 crypto-SDR.js:200 NS_ERROR_ABORT: User canceled primary password entry 3 crypto-SDR.js:90 uncaught exception: 2147500036 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200 REPORThttps://apidata.googleusercontent.com/caldav/v2/ikeypad.qed@gmail.com/events/ [HTTP/2 207 Multi-Status 312ms]
REPORThttps://apidata.googleusercontent.com/caldav/v2/c5i68sj5edpm4rrfdchm6rreehgm6t3j81jn4rrle0n7cbj3c5m6arj4c5p2sprfdtjmop9ecdnmq@virtual/events/ [HTTP/2 207 Multi-Status 303ms]
POSThttp://ocsp.pki.goog/gts1c3 [HTTP/1.1 200 OK 14ms]
GEThttps://accounts.google.com/o/oauth2/auth?response_type=code&client_id=406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com&redirect_uri=http://localhost&scope=https://www.googleapis.com/auth/calendar&login_hint=Jours+fériés+en+Belgique [HTTP/3 302 Found 74ms]
NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 Content Security Policy: L’analyse de « require-trusted-types-for » a échoué, car la directive est inconnue. Content Security Policy: La source « 'unsafe-inline' » présente dans « script-src » ou « style-src » a été ignorée : « nonce-source » ou « hash-source » spécifié. GEThttps://ssl.gstatic.com/accounts/ui/avatar_2x.png [HTTP/3 200 OK 10ms]
GEThttps://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png [HTTP/3 200 OK 12ms]
GEThttps://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png [HTTP/3 200 OK 12ms]
GEThttps://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png [HTTP/3 200 OK 10ms]
GEThttps://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 [HTTP/2 200 OK 109ms]
GEThttps://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2 [HTTP/2 200 OK 98ms]
GEThttps://accounts.google.com/generate_204?Pe6FSg [HTTP/3 204 No Content 20ms]
Content Security Policy: La source « 'unsafe-inline' » présente dans « script-src » ou « style-src » a été ignorée : « nonce-source » ou « hash-source » spécifié. 2 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 Propriété « -moz-border-radius » inconnue. Déclaration abandonnée. codemirror.css:244:22 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:341:18 NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200
c.capel said
Here is the console exportation for a faulty mail loading transaction with a gmail account (the problem is the same with other accounts) : (...) NS_ERROR_ABORT: User canceled primary password entry 3 crypto-SDR.js:90
Do your other accounts (non-gmail) use OAuth2 too ? Do you in fact use a primary password for your password manager ?
Hello gp,
"Do your other accounts (non-gmail) use OAuth2 too ?" ===> No they use SSL/TLS with "Cyphered password" "Do you in fact use a primary password for your password manager ?" ===> No
Baffling that you have a message about primary password in your trace. However looking at the code, it seems that the Firefox coder has taken the assumption that when from experience some problem produces a given error code, when getting this same (very generic) error code, it's sane to display to the end user that the very same problem has happened. Terrible error reporting, but it's more or less the norm in the software industry, like when every unknown Windows problem was displayed as 'not enough disk space'.
Anyway, I wondered why there were only messages about OAuth2, nothing about an interaction with an actual mail server, but it seems you posted a trace about *getting* mail, while I had advised you to *send* a mail, the mailnews.smtp.loglevel=All concerns smtp, that is, sending mail, while to get a trace for getting a mail, it will be mailnews.pop3.loglevel=All. So. Please do the trace thing while trying to *send* a mail with a non gmail smtp server, it should make things simpler to understand, assuming that the root cause of the problem is the same in all cases. Also click the trash button in the error console just before trying to send the mail, it will clear the console and isolate just what happens next.
Hello gp, Thank you for your time. In fact, the sent trace has been made one week ago before your request. In the meantime, I have transferred the thunderbird profile on a local drive and the problem disapeared. I'll make a new try tomorrow : transfer profile on NAS, downgrade Thunderbird and trace an email sending on a non gmail account. Best regards
For the record, what is the NAS model you use ? Did you ever try this trick with another NAS, or with a Windows server ?
gp modificouno o
Hello gp, I've made new tries :
- Make new working profile on NAS - Make new working profile on Windows disk share on a separate PC - Update Thunderbird to the brand new 102.5.1 version - Observations : Local and Windows disk share profiles are working Ok. NAS is not working "as usual". This is thus related to the NAS. - The NAS model is Synology RS2418+ with firmware version V6.2.4-25556 update 6. - On two other locations, the same problem occurs with Synology DS1517 (same firmware) and DS1515 (unknown firmware). - I've made a trace for a sending on NAS profile with "mailnews.smtp.loglevel=All" (See below) - Up to 9:58:34, Thunderbird tries to send the email but for an unknown reason, the stored credentials don't work and Thunderbird ask me for the SMTP server password. - I then (09:58:46) enter the password but it does noty work either.
09:58:33,969 mailnews.smtp: Sending message <d249b3a8-c56e-1808-f234-9f42eb804a29@c-logique.be> SmtpService.jsm:85:18
09:58:33,970 mailnews.smtp: Connecting to smtp://relay.proximus.be:587 SmtpClient.jsm:118:17
09:58:34,040 mailnews.smtp: Connected SmtpClient.jsm:386:17
09:58:34,078 mailnews.smtp: S: 220-smtp.skynet.be ESMTP
220 Belgacom relay service - authentication required!
SmtpClient.jsm:412:17 09:58:34,079 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,090 mailnews.smtp: S: 250-smtp.skynet.be
250-8BITMIME
250-SIZE 26214400
250 STARTTLS
SmtpClient.jsm:412:17 09:58:34,091 mailnews.smtp: C: STARTTLS SmtpClient.jsm:589:19 09:58:34,100 mailnews.smtp: S: 220 Go ahead with TLS
SmtpClient.jsm:412:17 09:58:34,105 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,268 mailnews.smtp: S: 250-smtp.skynet.be
250-8BITMIME
250-SIZE 26214400
250-AUTH PLAIN LOGIN
250 AUTH=PLAIN LOGIN
SmtpClient.jsm:412:17 09:58:34,269 mailnews.smtp: Possible auth methods: PLAIN,LOGIN SmtpClient.jsm:875:17 09:58:34,269 mailnews.smtp: Current auth method: PLAIN SmtpClient.jsm:627:17 09:58:34,269 mailnews.smtp: Authentication via AUTH PLAIN SmtpClient.jsm:642:21 09:58:34,278 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:34,288 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,037 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,203 NS_ERROR_ABORT: User canceled primary password entry 5 crypto-SDR.js:90 09:58:46,220 NS_ERROR_ABORT: User canceled primary password entry crypto-SDR.js:90 09:58:47,640 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:350:18 09:58:47,819 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 09:58:47,875 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200
c.capel modificouno o
Hello gp, I've made new tries :
- Make new working profile on NAS - Make new working profile on Windows disk share on a separate PC - Update Thunderbird to the brand new 102.5.1 version - Observations : Local and Windows disk share profiles are working Ok. NAS is not working "as usual" - I've made a trace for a sending on NAS profile with "mailnews.smtp.loglevel=All" (See below) - Up to 9:58:34, Thunderbird tries to send the email but for an unknown reason, the stored credentials don't work and Thunderbird ask me for the SMTP server password. - I then (09:58:46) enter the password but it does noty work either. - The NAS model is Synology RS2418+ with firmware version V6.2.4-25556 update 6. - On two other locations, the same problem occurs with Synology DS1517 (same firmware) and DS1515 (unknown firmware).
09:58:33,969 mailnews.smtp: Sending message <d249b3a8-c56e-1808-f234-9f42eb804a29@c-logique.be> SmtpService.jsm:85:18 09:58:33,970 mailnews.smtp: Connecting to smtp://relay.proximus.be:587 SmtpClient.jsm:118:17 09:58:34,040 mailnews.smtp: Connected SmtpClient.jsm:386:17 09:58:34,078 mailnews.smtp: S: 220-smtp.skynet.be ESMTP
220 Belgacom relay service - authentication required!
SmtpClient.jsm:412:17 09:58:34,079 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,090 mailnews.smtp: S: 250-smtp.skynet.be
250-8BITMIME
250-SIZE 26214400
250 STARTTLS
SmtpClient.jsm:412:17 09:58:34,091 mailnews.smtp: C: STARTTLS SmtpClient.jsm:589:19 09:58:34,100 mailnews.smtp: S: 220 Go ahead with TLS
SmtpClient.jsm:412:17 09:58:34,105 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,268 mailnews.smtp: S: 250-smtp.skynet.be
250-8BITMIME
250-SIZE 26214400
250-AUTH PLAIN LOGIN
250 AUTH=PLAIN LOGIN
SmtpClient.jsm:412:17 09:58:34,269 mailnews.smtp: Possible auth methods: PLAIN,LOGIN SmtpClient.jsm:875:17 09:58:34,269 mailnews.smtp: Current auth method: PLAIN SmtpClient.jsm:627:17 09:58:34,269 mailnews.smtp: Authentication via AUTH PLAIN SmtpClient.jsm:642:21 09:58:34,278 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:34,288 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,037 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,203 NS_ERROR_ABORT: User canceled primary password entry 5 crypto-SDR.js:90 09:58:46,220 NS_ERROR_ABORT: User canceled primary password entry crypto-SDR.js:90 09:58:47,640 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:350:18 09:58:47,819 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 09:58:47,875 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200
How interesting ! thanks for doing all that.
My gut feeling is that the security database is corrupted. AFAIK it's in the key4.db file. Now I don't know if it's supposed to be upgraded with each new install, or if it's possible to save it first and restore it manually after the upgrade. The only thing I know because I tried it, is that copying a profile configuration works by copying the prefs.js (for the accounts), the logins.json (the user passwords, encrypted), and the key4.db (the master security database). Could you give a try to copying the key4.db file from the backup before upgrading ?
About your NAS: it would be interesting to know if it has been upgraded to latest firmware. I am not dealing with them so I can't find easily if V6.2.4-25556 update 6 is the last. It can really matter, I had one time blocking problems with a QNAP Nas with some rarely used Windows function, had to use another device instead, and found recently that the same NAS is now working fine, but I have the policy of upgrading always the firmware, don't know if it's the case for your NAS. CIFS is really tricky and Samba implementations don't always succeed in all cases, they 'mostly work'... until they don't.
Hello gp, I've tried :
- saving key4.db file before and restoring it after upgrade => No change - saving prefs.js, logins.json and key4.db files and restoring them after upgrade => No change
I know that, at Synology, there is a version 7.xxx which is updated in parallel with 6.xxx. The NAS are up to date with 6.xxx scheme. I could upgrade to 7.xx but this implies some packages to become obsolete. So I'd have to change some infrastructure dependances. I'll perform this on one NAS, I hope tomorrow... Best regards