In addendum to the below: I am now up to TB v 121.0.1 and still have this issue of untrusted S/MIME signatures from DoD sources. As I also have a DoD email, I can send myself test messages. If I send an unencrypted message from my DoD email in reply to to an S/MIME signed message from TB, I get the behavior described below in the original post, where my DoD S/MIME signature is not valid. If I reply to the same signed TB email with an encrypted message from my DoD email, TB decrypts the message but still says my signature is not valid. However, the "invalid" message is slightly different with an additional clue - the message states that "This message includes a digital signature, but the signature is invalid. The message was signed using an encryption strength that this version of your software does not support." See snips 4 (error)+ 5 (successful decryption) below. Is it possible that the newer signature certificates from DoD use an encryption strength that cannot be decrypted by TB, yet the message encryption works? Another clue is that it appears I can send encrypted emails to some DoD recipients (but not all) even if their signature is invalid.

Original Post: I have received a signed email from a DoD sender in TB v115.5.1. The S/MIME icon states the Digital Signature is Not Valid (png below), consequently, the cert was not imported into the TB Certificate Manager. I have updated the DoD Root Certificates, and ensured that the most commonly used DoD Root certs and Email certs have trust settings that identify web sites and mail users (add'l png examples). I cannot examine the cert I received in TB, although I seem to recall I could by clicking on the icon in earlier versions of TB.

How can I: 1) Identify the certificate authorities for the invalid cert to ensure they are trusted? 2) Examine and import the certificate from the user? This is not unique to a single user, it happens with DoD emails whose certs were not already in my Certificate Manager, and the organization I commonly communicate with is changing everyone's email, so everyone is getting new certs. This prevents me from sending encrypted emails to the recipients.

Hello,

Ive installed a MIME-certificate from Sectigo in Thunderbird 115.6.1 on Pop OS (flatpak).

The cert is in a pw-protected .p12-file which I have imported successfully. However when I try to sign emails I get the error-message shown in the first attached image. That the application cant find my cert or that it has expired. Both statements are incorrect imo :)

In attached image 2 and 3 it shows that the application has imported the cert and that its valid until 2025.

Any tips or input is helpful.

Also under Security Devices I have a PKCS#11 module that I have logged in to, but I dont see how that could affect PKCS#12 certs but I read in some guide that I had to do that. Which also apparently mean that master password is set for protecting credentials in the application, so I have to provide that password when opening Tunderbird.

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".)

I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text.

Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

Received email from Telstra "From 30 January 2024, Telstra will stop allowing any emails to be sent from unauthenticated email addresses. Put simply, emails won’t be sent if your security settings aren’t configured to validate your username and password before the email is sent. From our records you are currently sending unauthenticated emails from........." "What’s next? To continue to send email, you will need to update your security settings for each device that you use to check and send emails https://www.telstra.com.au/support/email/unauthenticated-traffic-limit "

Unfortunetly this link does not give instructions for Thunderbird. Contacted Telstra support and they said to contact Thunderbird support.

Screen shot of current settings attached. Have been getting the following message when sending multiple emails - "Reference: 451-4.5.3. OB315 Unauthenticated traffic limit met."

Can someone help with this. Thanks in advance.

PROBLEM

=

• Hi, OpenPGP can't send encrypted emails for alias emails, even though keys for master and alias accounts are imported. But the do send and receive fine without it.
• Every key I have is able to encrypt, sign, and decrypt. So I don't have missing parts, as they were just made.
• Version = Thunderbird 115.61 (64 bit), Flatpack on Linux 22.04

EXAMPLE

=

I have a domain email with multiple aliases in this format:

A@A.com = master account. B@A.com = alias C@A.com = alias. The one I want to encrypt.

It's setup properly in Thunderbird. All 3 use the same login / password as A@A.com. They all send / receive regular email just fine.

So I went to Account Settings > A@A.com > End to end encryption > Add key > Import an existing OpenPGP key > select the private key (C@A.com) > Treat it as a personal key (on) > unlock it with the password > It says "OpenPGP keys successfully imported" in a green box as if it loaded properly.

But when I go to send an email with C@A.com, the Encrypt and OpenPGP buttons up top are greyed out, meaning it can't send or save encrypted.

BUT!!! When I make a key for A@A.com (master account - remember the others are aliases), and do the above: it's finally available to select in the End to end encryption spot... And then I can encrypt things for A@A.com just fine... Which tells me that it will only accept master account keys, not aliases.

But C@A.com won't work, which is what I want. C@A.com won't even show up in the end to end encryption spot (likely because it's an alias).

Tools > OpenPGP manager = my keys all show up just fine too.

QUESTIONS

=

1. Any ideas on what's going on / how to fix this?? 2. Why are only master account keys working?

If anyone knows the answer, thanks. This is been pretty aggravating, as this used to work fine a year ago or so, but not anymore for some reason.

I have recently started receiving an expired SSL warning from my A/V that a certificate is expired, thunderbird is indicated to be the application attempting the connection.

After looking at the certificate reported it is, indeed, expired, however I don't know where it is coming from, the domain reported is not one of the domains I check email on, (but it is the root domain for the CPanel hosting that those domains sit on).

How can I find out just what certificate it is finding, and how can I resolve it, all of the domains SSL certs are reported as up2date on other apps, including Firefox.

Where is thunderbird trying to go?

Hi, I detest the new TB feature to automatically deactivate all links in an incoming mail... while this feature might be helpful to some people, I would like to switch it off and do my own due diligence if I click a link or not, but within ms, not until TB allows me to click...I find no way of switching off this newly introduced feature... any idea? thx

Dan

I press 'Get messages' but nothing happens. I cannot find the settings (password etc.) for my incoming messages. I can see settings for the outgoing messages (smtp). This problem seems to have started when I changed the password, as required by my ISP (Virgin Media). I have Thunderbird 115.6.0 build 20231215200246. My operating system is Windows 10. In 'troubleshooting information' the incoming server is pop3.virginmedia.com:995 connection/security SSL/TLS Authentication: Normal password

I must admit that I was very upset when I discovered some time ago that permissions for my files and folders in .thunderbird were messed up in a way that had given all files permission to run as programs. Now I have been living with it for a while without disaster, and I found out the reason for it is that I used ntfs format instead of ext4 on my backup disk. However it still feels bad, and I still don't know how to fix it correctly.

I have for many years before used Fat32 for my backup, .thunderbird included. And it looks like Fat32 takes all those permissions away, so if I just do that again and restore, the illness in quest will be cured. There are some symbolic files I can't copy to Fat32 but Thunderbird doesn't seem to care. Could that be a good way to fix it.?

Or can I perhaps expect an automatic update eventually will fix it.?

Or how do I fix it correctly.?

Thank you in advance.

as of Jan 2 2024 all mail goes to spam/junk. windows 10, TB version 115.6.0 (64bit) using IMAP. as long as my laptop is not on the network mail is in the in box (looking at it on my phone through K-9) No filtering is done at the server. reset training data as soon as my laptop comes on thunderbird moves mail to spam. Junk, move messages in not checked, set as read is not marked at the account level enable adaptive is not checked.

-=-

system was restared. This did stop the mail being marked as junk, but it still moves the messages.

Not sure where else to look!!! now I have to view all new messages in the spam folder.

Just noticed this happening>

I have 3 emails addresses being utilized on my 1 Thunderbird setup.

When I try and send from any address but the original one I set up I get this message:

Sending of the message failed. An error occurred while sending mail. The mail server responded: <davet102@roadrunner.com> sender rejected. The email address you are sending as must match the email address you used to auth. Please check your SMTP settings. AUP#Out-1500. Please verify that your email address is correct in your account settings and try again.

I understand what it is saying. I just do not know where to fix it. I have gone into the outgoing SMTP settings and my original email address is in there. How do I set it up so that the other email addresses can send from their email addresses?

Bob

Recently, my real name has been replaced by "Undisclosed Recipients" in email headers (both sent and received), and also in the Correspondents/From/Recipient columns of the folders. How can I change it back to show my correct name?

I have Thunderbird set up with two email accounts. Until today I han problems with outgoing or incoming email and had saved passwords. All worked fine. Then I had to change my internet modem and somewhere along the line my incoming password for one of the two email accounts got deleted. No idea how. So I went into Settings and deleted all saved passwords. After that I sent a test email for both accounts and was able to re-save my passwords. But when I "Get Email" for either account, nothing happens. No email arrives (there are new emails on both accounts if I check via webmail). But I also am never prompted to save a password for incoming email (mail.comcast.net) for either account.

Why isn't Thunderbird prompting me to save the incoming password, and how can I manually enter a password? I'm baffled and at wit's end.

Thank you!

i want to disable my spamblocker/ junk mail detector in firefox ..... it keeps sending legit emails to the spam file no matter how i adjust the junkmail settings....is there a way to just turn the spam/junk detector off altogether?

i already have spam detector through my cPanel at my webhost and another junkmail detector in antivirus/malware program on my desktop

i don't need firefox diverting legit emails that get through the earlier detectors.

I updated my comcast password recently. Now when I try to send an email I get error about password - dialog comes up one option being reset password. When I click this I expect a dialog to open allowing me to enter the correct password but nothing happens.

I went to saved password dialog and removed the entries there hoping that would force Thunderbird to ask me for password - no joy.

In the Beta version how do I update SMTP password? I do not want to recreate the profile because then I lose lots of stuff - I JUST want to update the SMTP password. None of the pages I find are helping me.

How to change Conversation mode. Incoming email. Replied. Deleting incoming mail also deletes Send which I do not want to happen. How can I solve this ... Thanks Ron

Hi there, my hard disk failed and with a new hard disk I am trying to reconnect Thunderbird so I can get my emails on the laptop. But I can't remember my password and on the login page for emails I can't find an option to request password reset. Please help, don't want to have to stop using Thunderbird

An error occurred while sending mail. The mail server responded: Authentication Required (VM401). Please verify that your email address is correct in your account settings and try again.

SMTP Server

alan.green27@ntlworld.com smtp.virginmedia.com 465 SSL/TLS No Authentication