Форум сообщества Thunderbird

I use Thunderbird 115.12.2 (64-bit) with Hotmail, using a local account on Windows 10. Microsoft is introducing 'modern authentication' on Hotmail, and I want to be ready for this, but I cannot follow the guidance at https://support.microsoft.com/en-gb/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d

If I try to alter my existing Thunderbird Account Settings for my Hotmail account, the authentication method for Outgoing Server (SMTP) is shown as Normal Password but there is no option to change it to OAuth2. If I delete and recreate my Hotmail account in Thunderbird, I get an error message from Microsoft saying that I cannot log in because my browser is not set to allow cookies -- even though I believe I have set both Thunderbird and Firefox (my default browser) to allow cookies.

Hello,

I have been using Thunderbird for years to collect all emails in one place with out issue. In the last few days authentication has started failing. It started on one gmail account prompting for a password. When I enter the password it is rejected. A second GMail account is now doing the same and one of my Yahoo accounts is now doing it too.

I can still access the accounts on my phone using Oauth2.

Nothing I have tried fixes it. I am in danger of losing access to all my of my email accounts on windows.

What is going wrong?

In addendum to the below: I am now up to TB v 121.0.1 and still have this issue of untrusted S/MIME signatures from DoD sources. As I also have a DoD email, I can send myself test messages. If I send an unencrypted message from my DoD email in reply to to an S/MIME signed message from TB, I get the behavior described below in the original post, where my DoD S/MIME signature is not valid. If I reply to the same signed TB email with an encrypted message from my DoD email, TB decrypts the message but still says my signature is not valid. However, the "invalid" message is slightly different with an additional clue - the message states that "This message includes a digital signature, but the signature is invalid. The message was signed using an encryption strength that this version of your software does not support." See snips 4 (error)+ 5 (successful decryption) below. Is it possible that the newer signature certificates from DoD use an encryption strength that cannot be decrypted by TB, yet the message encryption works? Another clue is that it appears I can send encrypted emails to some DoD recipients (but not all) even if their signature is invalid.

Original Post: I have received a signed email from a DoD sender in TB v115.5.1. The S/MIME icon states the Digital Signature is Not Valid (png below), consequently, the cert was not imported into the TB Certificate Manager. I have updated the DoD Root Certificates, and ensured that the most commonly used DoD Root certs and Email certs have trust settings that identify web sites and mail users (add'l png examples). I cannot examine the cert I received in TB, although I seem to recall I could by clicking on the icon in earlier versions of TB.

How can I: 1) Identify the certificate authorities for the invalid cert to ensure they are trusted? 2) Examine and import the certificate from the user? This is not unique to a single user, it happens with DoD emails whose certs were not already in my Certificate Manager, and the organization I commonly communicate with is changing everyone's email, so everyone is getting new certs. This prevents me from sending encrypted emails to the recipients.

Microsoft sent email last night announcing the end of "Normal Password" for Hotmail, and warning that Hotmail would REQUIRE "modern authrentication" beginning 9/16. I have personal desktop subscription to Microsoft 365. I have set Microsoft account to 2FA and checked in Tbird that cookies are enabled.

I have spent hours and days trying & failing. With server imap-mail.outlook.com using OAUTH2, Thunderbird won't sync and shows message saying that server doesn't support the authentication protocol please enter another one. With 2FA still turned on and using Normal Password setting and entering an App Password from Microsoft, the Imap connection is fine about 85% of the time, needing re-entry of the App password about once a day or so (usually requires several tries until App Password gets accepted.)

The 0AUTH2 fails with Norton Smart Firewall turned Off or Turned On-makes no difference.

(Sending email with Outlook and 0AUTH2 DOES work okay.)

I've also tried Imap connection with a different server: Outlook.office365.com, using 0AUTH2.

In this case, Tbird shows me a Timeout error and never makes an Imap connection to the server.  

I've been limping along with the app password, and "normal password" authentication, but now Microsoft announces they will stop accepting connections that are not 0Auth2 ("modern authentication") from Tbird or any other software after 9/16. The clock is ticking. I've tried every remedy I've seen online from Tbird or from Microsoft. Nothing has yet allowed a QAUTH connection for Tbird to a hotmail IMAP server. Please help! !

Microsoft tell me that I must use OAuth2 for my accounts, else I'll be locked out.

Server is imap-mail.outlook.com. If I select OAuth2, then I can't receive emails unless I reset back to Normal Password.

I'm also supposed to set my SMTP server (smtp-mail.outlook.com) to OAuth2, but this isn't an option on the drop down list.

Help, please!

From Sept-16-2024 Microsoft will deprecate Normal Password and require OAuth2 authentication on its email accounts accessed from Thunderbird and other clients.

I'm trying to convert my hotmail accounts on Thunderbird to OAuth2 authentication.

Server Settings Authentication can be set to OAuth2 because OAuth2 is an option in that menu.

But SMTP Server Authentication cannot be set to OAuth2 because OAuth2 is not an option in that menu.

Both Connection Security methods ( Inbound and SMTP ), are set to STARTTLS.

See screenshots, thank you.

I've appreciated using Thunderbird for an ad-free Hotmail experience for quite some time. I've changed my Hotmail password every few weeks lately and Thunderbird worked fine when I entered the new password at the prompt when Thunderbird started.

Just now however, I needed to get into my Microsoft account that uses the same password as my Hotmail account. My login to Microsoft failed. Trying to understand why, I looked in Thunderbird at the saved password for Hotmail's server:

oauth://login.microsoftonline.com (https://outlook.office.com/IMAP.AccessAsUser.All

https://outlook.office.com/POP.AccessAsUser.All 
https://outlook.office.com/SMTP.Send offline_access)

The saved password was a 464 character long ASCII string totally irrelevant to the password I'd selected for Hotmail and Microsoft.

I went through the password change process for Hotmail, was then able to get into my Microsoft account and restarted Thunderbird. As usual, Thunderbird asked for the new password. I entered it and was then able to receive new mail from the Hotmail server in Thunderbird. However, again, the saved password in Thunderbird for Hotmail was not the password I'd entered.

Next, I deleted the saved passwords in Thunderbird, restarted it and this time it prompted me to be sure I'd downloaded it from a reliable source. I've never seen that prompt before. It came with my Linux Mint installation, so I thought it would be safe, but again there's an irrelevant password saved for my Hotmail account.

It's like it eventually changes my password for Hotmail and Microsoft since I can get mail through Thunderbird with the odd password it saves, but if I use what should be my password for Hotmail or my Microsoft account via a web page interface, the password doesn't work.

I'll have to stop using Thunderbird if this continues.

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".)

I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text.

Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

Hello,

Ive installed a MIME-certificate from Sectigo in Thunderbird 115.6.1 on Pop OS (flatpak).

The cert is in a pw-protected .p12-file which I have imported successfully. However when I try to sign emails I get the error-message shown in the first attached image. That the application cant find my cert or that it has expired. Both statements are incorrect imo :)

In attached image 2 and 3 it shows that the application has imported the cert and that its valid until 2025.

Any tips or input is helpful.

Also under Security Devices I have a PKCS#11 module that I have logged in to, but I dont see how that could affect PKCS#12 certs but I read in some guide that I had to do that. Which also apparently mean that master password is set for protecting credentials in the application, so I have to provide that password when opening Tunderbird.

Hi. I donate 20 bucks a month to Thunderbird. Love it.

Was wondering if there is a way to disable the "support thunderbird" pop ups that always occur upon launch.

Much obliged.

I have just completely reinstalled Thunderbird v115.11.1 after uninstalling the previous installation. There are two problems, possibly linked to a faulty or missing setting.

Remote images will not display, even after specifically enabling remote images for each email, or after turning on "display remote content" as a default. Also it claims there is a potential security threat with Thunderbird's own web addresses: "live.thunderbird.net." and "addons.thunderbird.net.".

I have attached screen-shots of the error messages, and of a thunderbird email that fails to display its images.

Received email from Telstra "From 30 January 2024, Telstra will stop allowing any emails to be sent from unauthenticated email addresses. Put simply, emails won’t be sent if your security settings aren’t configured to validate your username and password before the email is sent. From our records you are currently sending unauthenticated emails from........." "What’s next? To continue to send email, you will need to update your security settings for each device that you use to check and send emails https://www.telstra.com.au/support/email/unauthenticated-traffic-limit "

Unfortunetly this link does not give instructions for Thunderbird. Contacted Telstra support and they said to contact Thunderbird support.

Screen shot of current settings attached. Have been getting the following message when sending multiple emails - "Reference: 451-4.5.3. OB315 Unauthenticated traffic limit met."

Can someone help with this. Thanks in advance.

I must admit that I was very upset when I discovered some time ago that permissions for my files and folders in .thunderbird were messed up in a way that had given all files permission to run as programs. Now I have been living with it for a while without disaster, and I found out the reason for it is that I used ntfs format instead of ext4 on my backup disk. However it still feels bad, and I still don't know how to fix it correctly.

I have for many years before used Fat32 for my backup, .thunderbird included. And it looks like Fat32 takes all those permissions away, so if I just do that again and restore, the illness in quest will be cured. There are some symbolic files I can't copy to Fat32 but Thunderbird doesn't seem to care. Could that be a good way to fix it.?

Or can I perhaps expect an automatic update eventually will fix it.?

Or how do I fix it correctly.?

Thank you in advance.

Setting up a desktop (Dell Inspiron) for neighbors using latest Linux Mint (21.3 Cinnamon). They have simple needs, LibreOffice, Firefox and email. Plain jane, nothing extra added, straight from latest Mint install.

I am having trouble adding a second email account in Thunderbird (115.8.1). First comcast account was very easy, standard comcast defaults, works fine, downloads and sends. Second comcast account keeps giving "Unable to Connect" poput screen. (https://localhost/?code=0.ac.w2.PciwTw)

I can login to either Xfinity email account through Firefox browser using same addresses ((username)@comcast.net) and passwords I am using to attempt to add second account in Thunderbird.

Tried it with Mint Firewall off, then on, then off again. Do I need to setup firewall for second account?

Can someone give me a hint on this problem? Is is Thunderbird? Comcast? Something else?

how do I print all of my saved usernames and passwords? OR even one at a time? my handwriting is so poor that printing would be a great HELP thanks so much rex thompson.

Thunderbird continues to block my outgoing emails despite my best efforts. Please check my outgoing smpt server settings (attached) and let me know what I need to change. Thanks.

Currently unable to set up to an existing account on a new laptop. I’ve verified user name and password on the old laptop, but these don’t work when setting up the new one. The Thunderbird set-up wizard found my configuration in the Mozilla ISP DB, but can’t verify it. In other words, it won’t accept my username or password. I’ve done this for both IMAP and POP3, but it makes no difference. I’ve confirmed user name and password for both smtp and mail folders, and tried them in setting up. However, on the new laptop, Thunderbird doesn’t ask for user name, but just the name as displayed to others. Once I get set up, I’d like to copy my archive into the new system. One thing at a time…

I regularly send/receive encrypted email on Windows with Outlook but seeing as most of my work is done on my Ubuntu partition, I was interested in a Linux solution. I was able to connect to my exchange server using owl automagically and see my email, no problem. I had some experience getting smart-card readers working on Ubuntu so I already had some things in place using the OpenSC Security Device. TB was able to talk to my card reader, grab the certificates, and I was able to set my S/MIME digital signing and encryption certificates. It definitely works, I can decrypt messages that I had already received in the way I expect, it checks if I have a card inserted, asks for me PIN, and the message decrypts correctly as I would expect. The issue is that if I try to send a signed email to myself, I get the error, "Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired." A similar message is sent if I try to encrypt (but not sign) a message to myself but for the encryption certificate.

I don't understand this message, as TB can definitely see my card, ask my card for my private key, and use it to decrypt messages, so I believe my E2E settings are correct. Neither certificate is expired, both expire sometime in 2027. I even added my companies root certificate to my Certificate Authorities in TB, so I don't believe it's an issue with my certificate being deemed invalid, and the error message certainly doesn't suggest as much. I've also tried both of my card-readers in case something was only looking at the first one, but both can be signed into correctly but neither let me send signed/encrypted email. The only clues I can see are the console error in my terminal when the message fails to send...

console.error: mailnews.send: "Sending failed; , exitCode=2147500037, originalMsgURI="

Also when I open a remote debugging session, this is the error shown...

mailnews.send: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIMsgComposeSecure.beginCryptoEncapsulation]

   _startCryptoEncapsulation resource:///modules/MimeMessage.jsm:510
   _writePart resource:///modules/MimeMessage.jsm:558

Does anyone know what I might be doing wrong and nudge me in the correct direction?