Thunderbird 社区论坛

I want to check emails whilst I am at work, but I don't have exclusive use of the machine I use, so I don't want Thunderbird to open at all without a password.

As it stands at the moment, the Thunderbird portal and incoming email headers are visible when I hit Thunerbired.exe and the emails can be opened, although the account can't send emails without entering my password (which I haven't saved).

I'm sure there must be a simple solution to this - but I can't find it

We use several IMAP accounts as archives and I want to be able to search them in the global search and look through them, but safeguard against accidentally deleting an email there for example. In the ideal the whole account or nominated folders in it are flagged read-only and cannot be modified. Alas cannot find a way to do this in the UI nor with Google's help. So hopefully there is a way and someone can help me find it, and if not, convert it to a feature request!

I often forget to use bcc when sending emails to my distribution list. Then the list of addresses shows on the recipients email. I don't want the list to show. How can I avoid this mistake automatically as I age? Scotty84

When I get an email it say it's from "Barclays Bank", or some other, but there is no way of seeing the Actual email sender without opening the email. How do I see the senders email address Before I open it?

Spam email says I've made a payment via PayPal and has some of the numbers of my credit card. Neither PayPal or my bank account shows this payment as having been made. The email asks me to reply to them if I did not make this payment. (which I did not.)

(I have not opened the email, I read the contents via View>Message Source.)

I've tried to forward the entire email as an attachment to spoof at paypal but they've sent it back and want it zipped.

I'm using Win 7, tried right clicking on the file to send it to a zip folder but I don't have that option right clicking in Thunderbird.

How can I zip this email so PayPal will take a look at it?

thanks

Trying to set up Thunderbird to access email on Mediacom email servive. should be encrypted, but Thundeerbird only finds unencrypted connection. When I try to enter settings, Tbird fails to find access. If i try to accept lower security settings, Tbird protests. Mediacom is no help, their link simply restates the obvious. the link they gave me is: http://products.secureserver.net/email/email_thunderbird.htm

HELP!

I tried all of the suggestions to remove or change the Master PW and none work. I am still being asked for a PW. This started after being fully logged in with everything working properly, then it started asking for a Master PW. I tried to delete the PW and change it. The instructions are done as the Help File suggests and the responses seem to indicate all is working. I Requested my PW be Rest and received a reply saying it had been reset but received nothing to indicate what it was changed to or ho to proceed. I copied/pasted the command line into the Error Console but rec'd a response saying the command failed. with no further comments. I have stopped and restarted TB without effect.

Thanks

Suddenly today Thunderbird requires that I input my email password before it can connect and send an email. I have checked the box "remember password" and restarted Thundebird, but it will still ask for the password. I have checked under the security settings to display password and my password is there, but for some reason Thunderbird has just decided not to use the information that it has. I run Windows 8 and have not added any new software or performed any updates besides automatic anti-virus updates. Is there any way to get Thunderbird to go back to the way it was and not require a password everytime I restart it. I have no interest in establishing a master password. Thank you to anyone who can provide an answer.

how do I print all of my saved usernames and passwords? OR even one at a time? my handwriting is so poor that printing would be a great HELP thanks so much rex thompson.

I went to my internet service provider and changed my e mail password. However Thunderbird wont accept my changed password. I am NOT referring to a "Master Password". Help.

geoghans@cogeco.ca

When I click on a link in an email in Thunderbird, it won't open it in a browser window. (I can copy the link and paste it manually into a browser, but this is time consuming and irritating!) Even using the "open link in a browser" command does nothing. Any ideas why this might be?

Subject says it all . . . I installed 24.4.0 on a Windows 7 x64 system and followed the installation instructions to the letter . . . adding a single GMAIL email account with password.

After the install, I checked Options > Security > Passwords > Saved Passwords > Show Passwords to confirm the GMAIL email account password existed - and it did.

While the PC was powered on and I was at my Desktop, TB worked perfectly. But once I powered down or rebooted, TB no longer had the GMAIL email account password. To confirm this PROBLEM, I checked Options > Security > Passwords > Saved Passwords > Show Passwords to confirm the GMAIL email account password existed - and it did not - the entry that once appeared was now 100% gone - no entry existed.

Thinking the install was mucked up, I uninstalled TB (and Firefox), then rebooted - ran cleaners - manually searched for every occurrence of TB, FF and mozilla, and removed only the effected registry entries, also searched for every occurrence of TB, FF and mozilla on the HDD added during the install and removed them - then ran the registry scrubbers again.

Once I knew my PC was totally clean of any TB, FF and mozilla files, directories, etc, I ran Windows Update to ensure the system was up-to-date.

Installed FF, then TB 24.4.0 adding a single GMAIL email account with password - and while the PC was powered on and I was at my Desktop, TB worked perfectly. But once again, once I powered down or rebooted, TB no longer had the GMAIL email account password.

To confirm this PROBLEM, I checked Options > Security > Passwords > Saved Passwords > Show Passwords to confirm the GMAIL email account password existed - and it did not - the entry that once appeared was now 100% gone - no entry existed. According, the EXACT SAME PROBLEM REMAINS and I wasted my time uninstalling FF and TB, cleaning and scrubbing, etc.

I do not share my PC, it is a home PC and I am the only person using it - therefore I do not use a MASTER PASSWORD.

When will this EMAIL password problem be CORRECTED? Or, what is the fix?

Thanks,

CurlySue  :)

Every time I enter an email address, Mozilla pops up the "LDAP Server Password Required". I enter the password and check the "Use password manager to remember this password". Then the message pops up again. I enter the info again. Then it accesses the LDAP server. But next time I type in an email address, it hasn't remembered the password. Thanks, Vilis

Lets say I want to write to Larry.Smith at xyz corp. If I star to type in Lar I get every Larry I've known for 10 years. I want to be able to weed out and eliminate those names that are no longer relevant to me. How can I do this so that only the most recent names pop up? Can you tell me how to do this?

I have tried the solution in tools/options/composition/addressing but this seems to refer to sending emails. I would like to stop the collection of addresses I already have in some portion of my address book(s) and, ideally, be able to select which addresses I do save.

the email "email stating We couldn’t process your monthly recurring donation from noreply@fundraiseup.com" really appears to be a scam

Please advise

Thank You

Microsoft Outlook Client emails are legally valid in a court of law, but Thunderbird emails are not. Can we start taking baby steps towards making Thunderbird emails a little more viable in legal applications?

While I do not understand these things in the depth required, can we start taking baby steps towards achieving legal validity of emails downloaded from Thunderbird?

I am presenting below a conversation that I had with chat GPT regarding this matter for the help of anyone who wishes to take this up.

Chat GPT:

QUESTION 1: 1. As per my limited knowledge, Outlook client emails are legally valid because the header cannot be edited. This however, is not true of Thunderbird emails. Do I understand correctly? 2. What are the challenges in making Thunderbird header not user editable, so that Thunderbird emails also have the same benefit?

Chat GPT: Your question touches on email authenticity and legal validity—especially in regulated or evidence-sensitive contexts. Let's break it down:

Is it true that Outlook headers are immutable and Thunderbird’s are not?

Partially True — but needs clarification.

Email headers in both Outlook and Thunderbird

Can be viewed by recipients, but cannot be edited after the email has been sent. Only during composition can certain headers (like `From`, `Reply-To`) be changed, depending on the setup.

What you cannot change post-sending:

After an email is sent (from any client), the core SMTP headers (`Date`, `From`, `Message-ID`, etc.) are locked. These are generated by the sending server and cryptographically traceable via server logs or DKIM.

Outlook’s extra layer:

Outlook integrates closely with Microsoft Exchange, which stores server-side logs, message tracking, and non-editable audit trails (e.g., via journaling). That’s what gives Outlook/Exchange emails more evidentiary credibility, not just the client itself. In contrast, Thunderbird usually connects via standard IMAP/SMTP, without server-side logging, unless used with a corporate mail server like Postfix + Dovecot + journaling.

In Summary: Table Feature Outlook (w/ Exchange) Thunderbird Headers editable during composition Yes (some fields) Yes (same) Headers editable after sending No No Built-in server-side logging Yes (Exchange) No (unless configured) Strong evidentiary trail Common in enterprise Requires external setup

What are the challenges in making Thunderbird headers non-editable during composition?

The challenge lies not in technical impossibility, but in the design philosophy of Thunderbird:

a. Open Source & User Control

Thunderbird is open source, so users can customize or even extend the client to manipulate headers (via extensions or config changes). This is powerful for advanced users, but not ideal in regulated or high-trust environments.

b. Lack of Server-Side Enforcement

Thunderbird relies on whatever SMTP/IMAP servers it connects to. Unless the server enforces policies (like DKIM signing, DMARC, or header filtering), client settings are only soft limits.

c. Missing Native Audit Features

Outlook/Exchange logs metadata like when a message was sent, delivered, read, etc. Thunderbird lacks that unless paired with enterprise-grade backends. How Could Thunderbird Improve Legal Trustworthiness?

1. Header Locking During Composition

  	Disable or grey out fields like `From`, `Date`, `Message-ID`.
  	Possible via extension, but not enforced by default.

2. Enforced Server-Side Signing (e.g., DKIM)

  	Ensure outgoing mail is cryptographically signed to verify integrity.
  	Requires a properly configured mail server, not just Thunderbird.

3. Journaling or BCC Archiving

  	Auto-BCC all sent mail to a tamper-proof archival system.
  	Thunderbird can do this via rules or server configuration.

4. Extension or Mode for “Forensic Compliance”

  	Custom Thunderbird modes that restrict editing headers, disable extensions, log actions, etc.

Final Thoughts

You're correct in understanding that Thunderbird offers less baked-in legal reliability than Outlook + Exchange. But this isn’t due to insecure design—rather, it's due to Thunderbird’s flexibility and lack of tight server integration. Thunderbird can be made trustworthy with the right server configuration (DKIM, archiving) and possibly some custom add-ons.

If you’re looking to build or propose a “forensic-grade” Thunderbird environment, I can help design one with proper technical constraints and audit trails. Let me know!

QUESTION 2: My legal Counsel has told me that emails downloaded from the Gmail server into the outlook client are legally valid. So even without Microsoft Exchange and all the other server side logging, Outlook emails are legally viable. Chat GPT

Yes — your legal counsel is broadly correct, and here’s the nuanced explanation:

Emails Downloaded via Outlook (from Gmail) Can Be Legally Valid

Even without Microsoft Exchange, emails downloaded into Outlook (say via IMAP or POP from Gmail) can still be legally viable evidence, because:

1. Outlook stores email in a tamper-evident format

Outlook saves emails in `.pst` or `.ost` files. These files have a structured, proprietary binary format that is hard to tamper with without detection. Courts often accept these files (with chain of custody) as original records.

2. Outlook preserves server headers

Even when connected to Gmail, Outlook does not modify or fake headers. It shows server-signed headers (like `Message-ID`, `Date`, etc.) exactly as received. These headers can be verified independently against:

Gmail’s “Show Original” → raw headers DKIM/DMARC authentication

3. Integrity from Gmail itself

Gmail assigns unique `Message-ID`s and signs outgoing mail with DKIM. DKIM proves the message has not been tampered with since it left Google’s servers. So even if Outlook is the client, the source of trust is Gmail + DKIM, not just the software.

In Legal Contexts

4. What courts typically require is:

 A copy of the original message as received (headers intact)
 Some form of chain of custody (who had access, how was it stored)
 Optionally, confirmation from the mail server logs (if challenged)
 Outlook is often used in corporate/legal environments because:

It does not let users easily forge full headers The data format is harder to manipulate Legal teams and forensic experts are familiar with `.pst` files

So even without Exchange, emails received and stored in Outlook are trusted, provided:

The full headers are intact The `.pst` or `.ost` file has not been tampered with

5. How This Differs from Thunderbird

Thunderbird also preserves headers and stores messages locally — but: Table: Aspect Outlook Thunderbird Storage format `.pst`/`.ost` (proprietary) `.mbox` or plain text Header immutability Enforced by format Editable via text file (with effort) Forensic familiarity High (in legal circles) Moderate Tamper-evidence Strong (binary format) Weak (editable with text editors)

So Thunderbird messages can technically be altered more easily after download, especially if stored in `.mbox` or `.eml` formats. That’s why they are viewed with more caution in legal settings.

Conclusion

Yes — emails downloaded into Outlook, even from Gmail, are generally accepted as legally valid, provided the headers are intact and the file has not been manipulated. Outlook's storage format and market reputation contribute to its legal trustworthiness — even without Exchange.

If you want to achieve similar legal credibility with Thunderbird, the focus should be on:

Enforcing DKIM-signing (from Gmail, already done) Locking down `.eml` or `.mbox` file access Possibly archiving in tamper-evident formats

Let me know if you’d like a workflow to export Thunderbird emails into a legally robust format similar to `.pst`.

Stolen laptop .Thunderbird had saved all my accounts passwords . I had no master password. Accounts were synced with my desktop .Now I installed Primary Password and, changed all my accounts passwords . Can the thief still access my accounts on stolen laptop. I backed up my profiles. Can messages on laptop be deleted . If I delete all messages from my desktop, will all messages also be deleted from stolen laptop if thief access thunderbird

I'm trying to send an OpenPGP-encrypted email from a Linux Mint machine using msmtp, relaying through the smtp server, to another Linux machine, to myself, running Thunderbird (with the sender's (my) imported private key already loaded and working in Thunderbird).

The encrypted test message is composed manually as a file (email.eml) and sent using msmtp from the command line. The email successfully passes through the SMTP relay, is received and decrypted by Thunderbird (so the OpenPGP decryption part works that much I know ... ), but the plain text content is not rendered properly and the email is displayed blank, no plain text as expected. Thunderbird has decrypted the message, but it’s not being displayed or rendered.

This makes me think the issue lies in the structure or MIME headers/parts of the .eml file itself — specifically how the encrypted message body is wrapped. This is not something I'm entirely familiar with, and even less so with what Thunderbird expects for a PGP encrypted message...

I suspect the issue is due to incorrect MIME formatting or missing headers (Content-Type, Content-Transfer-Encoding, Charset, or boundaries etc.) needed for Thunderbird to correctly render the decrypted body into plain text once it receives it. Since I’m assembling the .eml manually (and eventually by a script whej I get to it), I may be overlooking certain structural requirements that typical mail clients (say Thunderbird or similar) or gpg front-ends (like mutt, mailx ...) would handle automatically.

My questions are: Is there a correct MIME structure or format expected by Thunderbird for OpenPGP-encrypted emails ? Is this documented anywhere specifically for Thunderbird ? Or, are there publicly available examples or specs that describe how such an email should be structured (e.g., RFCs or working .eml templates)?

Is there a known way to validate or "lint" .eml files for OpenPGP compatibility ? That would be nice ;-)

As I said the internals or MIME formatting is not my thing usually. Any pointers to Th.B. documentation, sample files, or tools that help with .eml structure validation would be grately appreciated.

Thanks in advance, cheers MM