Все продукты: форум сообщества

gmail via IMAP will no longer send or receive normally as of yesterday. No changes on my end.

Receive attempts - nothing happens Send attempts. This message: Sending of the message failed. Peer’s Certificate issuer is not recognized. The configuration related to smtp.gmail.com must be corrected.

The sent mail does not show in sent mailbox, but it does go through.

Thunderbird is in my list of 3rd party apps allowed access in Google account.

I wish to send an encrypted email. I have imported and accepted the recipient's public key.

When I compose an email to this recipient, the "encrypt" button is disabled.

Also, the security button mentioned in this article is not present on the compose toolbar, or anywhere for that matter https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-do-i-send-an-encrypted-or-digitally-signed-email

Windows 11.

Any idea how to fix this?

Hello,

I have read this one https://support.mozilla.org/en-US/kb/openpgp-thunderbird-android-howto and I was aiming for additional detailed info on a specific step in the "Select an encryption key or create a new key" section.

From Thunderbird Desktop I can already send/receive encrypted emails from a specific email account and I have exported, on my laptop, my private and public keys as well as the public keys of some contacts.

On my Android phone I have Thunderbird for Android (version 14) already set up for the same email account and, in order to start using email encryption, I understood from the above link that I first need to install OpenKeychain and then, from the image in step 2 of "Select an encryption key or create a new key" and from the text of the subsequent step 3, that I'll need to choose "I already have a key. Import end-to-end key from other device" and then, if I got it right, try to find the keys which I exported on my laptop from Thunderbird Desktop.

Are there any precise details on how to find those exported keys and load them into OpenKeychain? Meaning, for instance, do I need to copy/paste the keys from my laptop into the archive of my Android phone and then direct Thunderbird/OpenKeychain to that location to pick them up?

Any type of details/links/docs/videos with respect to this, will be useful. As well as any explanations in case I understood wrongly and what I am trying to do is not the proper way to proceed.

Please note: I am not an expert.

Thank you

Best Regards

Hi - I have had gmail and my internet provider email accounts on Thunderbird working for years. Suddenly, a few days ago, I started getting certificate issues from Thunderbird warning me of the security risks. I chose to override. Now I am unable to download (imap) from either email server. I no longer receive the certificate risk dialog box. When I click on File>Get New Messages, message appear at the bottom of the page indicating Thunderbird is "connecting to the imap server" or "checking mail server capabilities", but nothing downloads. What do I need to do to correct this? Access to both servers stopped at the same time so I don't believe anything changed on the server end.

Thanks, Alan

I have 2 emails provided by my ISP (knology), I have received no emails since 7:30 on 12/5, the are on the webmail site. The other 2 emails are gmail accounts they are working fine. I am getting a message, "The certificate for imap.knology.net is not valid for that server. Someone could be impersonating the server, you should not continue."

 The fact that the gmails work and knology does not work is a clue but I don't know what it means.

I have contacted my ISP and after 45 minutes they gave up and said they will escalate and get back to me,

with in a couple days! it was on a Saturday.
                                                         Thank you, Mike

I regularly send/receive encrypted email on Windows with Outlook but seeing as most of my work is done on my Ubuntu partition, I was interested in a Linux solution. I was able to connect to my exchange server using owl automagically and see my email, no problem. I had some experience getting smart-card readers working on Ubuntu so I already had some things in place using the OpenSC Security Device. TB was able to talk to my card reader, grab the certificates, and I was able to set my S/MIME digital signing and encryption certificates. It definitely works, I can decrypt messages that I had already received in the way I expect, it checks if I have a card inserted, asks for me PIN, and the message decrypts correctly as I would expect. The issue is that if I try to send a signed email to myself, I get the error, "Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired." A similar message is sent if I try to encrypt (but not sign) a message to myself but for the encryption certificate.

I don't understand this message, as TB can definitely see my card, ask my card for my private key, and use it to decrypt messages, so I believe my E2E settings are correct. Neither certificate is expired, both expire sometime in 2027. I even added my companies root certificate to my Certificate Authorities in TB, so I don't believe it's an issue with my certificate being deemed invalid, and the error message certainly doesn't suggest as much. I've also tried both of my card-readers in case something was only looking at the first one, but both can be signed into correctly but neither let me send signed/encrypted email. The only clues I can see are the console error in my terminal when the message fails to send...

console.error: mailnews.send: "Sending failed; , exitCode=2147500037, originalMsgURI="

Also when I open a remote debugging session, this is the error shown...

mailnews.send: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIMsgComposeSecure.beginCryptoEncapsulation]

   _startCryptoEncapsulation resource:///modules/MimeMessage.jsm:510
   _writePart resource:///modules/MimeMessage.jsm:558

Does anyone know what I might be doing wrong and nudge me in the correct direction?

After I did the 128.5.2esr update, none of my email accounts can get email with SSL/TLS on. It won't even try the server with SSL/TLS on. If I turn it off, then it can get mail. When I try to change to STARTTLS it will just hang showing checking server capabilities. Some accounts are imap and some POP3

Running Windows 10, version 22H2 updated 12/10/2024 OS Builds 19044.5247 and 19045.5247

Gmail works fine. I've tried the just about all of the things I have found online, but no luck.

Any suggestions? In the past I rolled back to a working version and that fixed it, but it hasn't worked this time. Would removing all of the certificates fix it? Didn't want to take that chance until I threw it out out here!

Thank you!

I generated a CSR file via the instructions at https://support.mozilla.org/en-US/kb/instructions-smime-certificate-using-csr#thunderbird:linux:tb145 . After submitting and receiving a certificate from a CA, importing it the People tab of the Certificate Manager does not do anything: nothing new appears in the Your Certificates tab.

Where are the private keys associated to the generated CSRs stored? How can I access them to resolve this?

Running 140.5.0esr via flatpak on Fedora 43 Kinoite.

I have an email account with multiple identities (aliases), some of which I would like to add under the same OpenPGP key that I'm using for the main identity. I couldn't find any option in the OpenPGP Key Manager in Thunderbird which would allow me to add identities to the key. How should I go about doing this?

Add Security Exception? I can't send any outgoing email messages. I now get a warning alert after hitting Send entitled "Add Security Exception". It says further, "You are about to override how Thunderbird identifies this site." And, "Legitimate banks, stores and other public sites will not ask you to do this." My email provider is Earthlink and the alert identifies the server location as, "smtpauth.earthlink.net:587" and says, "This site attempts to identify itself with invalid information. Unknown Identity. The certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature."

That only available options are, "Confirm Security Exception" and "Cancel". Selection of either option brings up the same next alert, "Send Message Error", "Sending of the message failed. Peer's Certificate issuer isn't recognized. The configuration related to smtpauth.earthlink.net must be corrected."

I didn't intentionally change any settings or receive any notification from Earthlink to that effect, so I don't know why any of these protocols would have changed. I can view the smtpauth.earthlink.net certificate but I don't know how to copy it or attach it for diagnostic purposes. Can anyone provide insight regarding what is going on here and how to resolve it? Any solutions will be greatest appreciated.

I have Thunderbird 128.5.2esr and my email SMIME certificates are not assigned correctly when I send them to GMX. What can I do, are there bugs? 1) Select Cert Screencopy of SELECTION 2) err msg: Err-MSG at sending

Hello,

I am moving over to Thunderbird from outlook. I have about 8 emails with two domains. First email works okay. The second one on the same domain has turned red on the left panel and thunderbird keeps poppoing up the certificate for mail.xxx.com is not valid for the server. The other works I added the exception when setting it up. The mail server is another domain used from my cpanel hosting provider. So it does not match the domain of the emails.

I can't seem to find a way around this to get it to work. Also I under account settings it looks correct. I am thinking this error message is the incoming mail server? I don't see under account setting anything for incoming mail server which on my hosting is the same for incoming and outgoing. Appreciate any help.

Thank you!

I have several iterations of installing SMIME on my email account. I know the pf12 file is valid and it works on all my Android systems. However, when I try to send a digitally signed email on Thunderbird under Ubuntu, I get the message that either the SMIME certificate cannot be found or it has expired even though I went through the correct process to install it (and it shows up on the End to End Encryption settings) and when I display it, it indicates an expiry date of 2027. I have also tried to bundle it with the intermediate certificate but I still get the same error. I even tried to create my own personal SMIME certificate and use it (using SSL) and it had the same issue. Anyone have any suggestions?

This is the error I get: "Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired."

Do I need to put the SMIME certificate in a specific folder in order for it to be "re-found"

Hello everyone,

I am using Firefox latest release (eg 145.0.1).

At https://developers.cloudflare.com/ssl/post-quantum-cryptography/pqc-support/ , it seems that X25519MLKEM768 is supported since Firefox 132. Do you confirm ?

I ask this question because when I am connecting to https://pq.cloudflareresearch.com/ and activate the network tab before reaching this URL, and looked at the security tab on the right bottom panel, as you can see in the screenshot attached, in the Exchange group keys, I see x25519 and not x25519mlkem768 meaning that Firefox is not PQC ready for key establishment :-(

Best Regards.