What is the exact error message you get? You may want to provide a screenshot. http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem

The point is to understand why you do get an exception prompt. Just foolishly asking why the exception doesn't stick is the wrong approach.

Also... since Firefox and Thunderbird share a similar approach to verifying SSL certificates, have you noticed any issues or taken any steps in Firefox that might provide a clue as to what is flummoxing Thunderbird?

jscher2000 said

Also... since Firefox and Thunderbird share a similar approach to verifying SSL certificates, have you noticed any issues or taken any steps in Firefox that might provide a clue as to what is flummoxing Thunderbird?

Never had this issue with FireFox or any other program.

=

christ1 said

What is the exact error message you get? You may want to provide a screenshot. http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem

Sorry, I am new to this forum (nice to be called a fool on my first entry - very encouraging) I thought you could find cobraflex's thread, he documented it quite fully. Now I see that that doesn't work - I can't find it either! So I went back to Google try https://support.mozilla.org/questions/1041573

Anyway thank you both for your replies - here's a screen shot. It is always the same and it doesn't matter what action I take, it comes back every couple of minutes.

This looks weird... I noticed a whole bunch of duplicate items under Avast Web/Mail Shield, so I deleted them.

Now, after I confirm the certificate, it appears under Avast again!

I don't know enough about this, but surely it should be under Zimbra? 'cause that's what I am using!!!

Hi KenFF, you probably need to import the Avast Web/Mail Shield signing certificate to the Authorities tab. If Avast doesn't make it easy to find on disk, you could export from Firefox and then import into Thunderbird.

Not quite sure what that means but I am Admin so I can do anything:^)

Attaching 2 screen-shots. Is this what you expected?

Which is which -- Thunderbird vs. Firefox?

In the dialog on the left, one of those probably is obsolete. Can you select each individual certificate and check whether it has expired? Basically I figure the most recent one is the relevant one, and the other one can be deleted.

Sorry, I did name the files so you could tell that - but it doesn't show! (not used to this forum yet)

The one on the left if FF and the right is TB after the import.

Here's the 2 lines from FF - look pretty similar to me. Not sure what I was doing last Nov/Dec but this is the time of year that I am usually trying to fix system problems. So could be anything.

OBTW it's still popping up!

I don't know why that isn't working. I'm not inclined to install Avast myself to learn what is going on with it.

For Avast 2015, there is a way to pause just the Mail Shield for a period of time if it's driving you crazy, or to confirm whether that is the issue. The attached image is from their article: http://www.getavast.net/support/turn-off-shields

Hey, I didn't see that before. I'll try it and see if it helps.

I'm wondering though, if Avast will see the certificate request ... Hang on!

I just realised that I haven't been able to get a certificate the last several times I have tried!!! I think that is just today. But I gave up trying some time ago because nothing helps and I just need to dismiss the pop-up and get on.

I am going to try a few things with my new-found knowledge (thanks to you) and get back to you tomorrow.

Thanks,

Well, not really getting anywhere!

Re-booted, disabled Avast email shield, running TB all by itself.. still pops up!

I use one email (inbox.com) which doesn't have a certificate so I removed it from TB and thought I had fixed it. An hour later... it popped up again!

One very strange thing is that, it the past, it to pop-up every couple of minutes and also when I start TB. Now it seems much less frequent and doesn't always pop-up when I start.

ONE THING THAT REALLY BUGS ME...

For any developers reading this; Microsoft has myriads of error messages when something goes wrong but they NEVER tell you which program caused the error! Now that's pretty silly because they know that information and it's pretty basic to solving the problem OR in the case of Windows finding a work-around. ALSO this was a very basic principle in error reporting until Windows came along!

OK, off my soap-box now!!

https://wiki.mozilla.org/Thunderbird:Testing:Antivirus_Related_Performance_Issues#AVAST

You know, I didn't really look at your original screen shot closely. Usually there's no security on port 110, so maybe that is the source of the error.

I gather you want to use a POP connection rather than an IMAP connection for your mail. (Glossary of Terms including types of Accounts) Could you try the settings in the following Shaw support article:

Mail Server Names https://community.shaw.ca/docs/DOC-1056

Not sure how closely these labels map to Thunderbird's names/dialogs:

Encrypted Incoming Mail Server and Settings

• Incoming Server: pop.shaw.ca
• Server Type: POP
• Security Type: SSL/TLS
• Port: 995

Outgoing Mail Server with Authentication

• Outgoing Mail Server: mail.shaw.ca
• Server Type: SMTP
• SSL: on
• StartTLS: on (for Android devices only)
• Port: 587
• Remote Access: Enabled (contact one of our Technical Support Representatives to check whether Remote Access has been enabled for your email account. See Remote Access for more information.)
• Authentication: Plain Text or Password

Actually, please only change the incoming setting for now, since your error is for incoming mail.

Okay, my 2nd pet peeve? It is absolutely amazing how people do not understand that DATA is absolutely useless if it is not accompanied by a DATE!! People NEVER delete data from their databases so you can't tell if it is 6 months or 6 years old!!!

Not quite the case here - your last post was close enough that when I called Shaw we were able to sort it out.

They don't specify incoming security - it defaults to whatever we set up under "Outgoing Server".

So it looks more like this....

    Incoming Server: pop.shaw.ca
   Server Type: POP Mail Server (can't change this)
   Security Type: none
   Authentication: Normal Password (or  Password, transited insecurely)
   Port: 110

Outgoing Mail Server with Authentication

SMTP Server

   Description: Shaw
   Server Name: mail.shaw.ca
   Connection Security: STARTTLS
   Port: 587
   Authentication: Normal Password
   Remote Access: We don't have access to this setting but worth 
   checking maybe - S/B Enabled

OH! AND you need to make sure that his is the DEFAULT server!

This seems to be working so far. I will return if it re-occurs (like to keep the thread complete for others).

Thanks for all your help - REALLY appreciate your persistence, I can now return to being a happy Mozilla user!

Thanks again,

I'd suggest you find a new email provider. Any email provider still not offering TLS for retrieving email today is just ridiculous.

Wrt Avast and sending messages via TLS, what Avast does is basically a man-in-the-middle attack. I.e. Avast is intercepting your secure connection to the server and connects to mail.shaw.ca on your behalf. Your Thunderbird is just talking to the Avast SSL proxy. What that means for you is that Avast is able to see your communication to the server in the clear, even though it's supposed to be encrypted end-to-end. That includes your SMTP password and all the message contents of the messages you send. If you think you can trust Avast - fine. I wouldn't.

Christ1,

You seem to be saying that my outgoing messages are being transmitted in clear text to the Avast server?? Surely not?

Thanks, but I have to trust someone - Avast is my flavour of the month!

I don't regard eMail as secure and I treat it accordingly. I've seen Microsoft's Hotmail server hacked at least once. I am told that they are now encrypting the contact lists on there; but I don't believe it!

I was asked once to send a C/C # by email - I sent it in 4 pieces via 3 different email accounts. The recipient was too dumb to put it together but that was just tough! They had to wait till I could reach a phone!

Hi KenFF, no I think the problem is that when you connect to port 110 without encryption, your mail password is being sent in the clear. Anyone with physical access to the wire between your computer and the mail provider can intercept and read the password and then use it to make your life miserable (e.g., change your password, send spam or phishing messages, reset your site passwords if this account has been designated for password recovery on other sites, delete your mail, etc.). That's why if it all possible you should always connect to your mail account using a secure connection, for BOTH sending and receiving.

Hey, thanks - you both missed the part where I said they default incoming to whatever is set up in "outgoing server"!

Doesn't matter what you put in "incoming".

I think the point is that TB has seperate settings but Shaw only wants to deal with one - I think that makes sense, really?