Go Back   Tech Support Forum > Microsoft Support > Internet Browsers and Email > Email

User Tag List

Thunderbird Issue

This is a discussion on Thunderbird Issue within the Email forums, part of the Tech Support Forum category. Hello, I have just moved from the malware section where this issue was not discovered? I use Thunderbird 72.0a1 (2019-12-02)


Like Tree1Likes
  • 1 Post By Stancestans
Reply
 
Thread Tools Search this Thread
Old 12-03-2019, 02:59 PM   #1
Registered Member
 
lucidoobe's Avatar
 
Join Date: Jun 2008
Location: Australia
Posts: 351
OS: Win10


Send a message via Skype™ to lucidoobe

Hello, I have just moved from the malware section where this issue was not discovered?

I use Thunderbird 72.0a1 (2019-12-02) (64-bit) on the PC's on home LAN, They have been all compromised after a false email from my ISP (TPG.COM.AU)
disguised as a non-payment of card response. I phoned TPG and they said they never sent it, and to forward to them. On doing this, all in/out of emails was blocked, and the email was never sent.

I am attaching screen shots of my prior connection security, and after the tech had me go to lower setting of "no security" and password sent "insecurely".

I would like to have the email client secure again in connection to my IMAP account with TPG.
Attached Thumbnails
Click image for larger version

Name:	IMAP_server_settings.jpg
Views:	12
Size:	222.8 KB
ID:	324784   Click image for larger version

Name:	IMAP_smtp_settings.jpg
Views:	10
Size:	221.7 KB
ID:	324786   Click image for larger version

Name:	Later_running.jpg
Views:	13
Size:	181.1 KB
ID:	324788  

lucidoobe is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 12-03-2019, 05:35 PM   #2
Team Manager
Microsoft Support
 
Corday's Avatar
 
Join Date: Mar 2010
Location: Midlands of South Carolina
Posts: 25,361
OS: Windows10. In the past CP/M, DOS, Windows 95, 2000, 98SE, ME, Vista & Windows 7

My System


As you see, the drop down menu on your far right (facing) has the options.
__________________

The stability of an OS is in direct proportion to the stability of the user.
Corday is offline   Reply With Quote
Old 12-04-2019, 07:36 AM   #3
Moderator TSF
Hardware Team Moderator
 
Stancestans's Avatar
 
Join Date: Apr 2009
Posts: 4,705
OS: Windows 10



Does your ISP provide secure mail transmission at all? The settings provided on TPG's support site are for insecure transmission, which work as you've confirmed in the malware removal thread. I can't find settings for secure transmission except one third-party website which am unfamiliar with. All other sources are consistent with the (insecure) settings available on TPG's support site.

If TPG does provide secure mail transmission, I find it odd that this isn't mentioned anywhere on their website, not even on their community forum as evident here, and the fact that their own techie advised you to set it to insecure strongly suggests secure transmission is not supported! Unfortunately, you can't force Thunderbird to work with a protocol that your ISP doesn't support. I say make another call and ask them about it.

As Thunderbird gets updated to enhance security, the way it implements STARTTLS has definitely changed. Thunderbird must be honoring the ISP's server's response that SSL/TLS is not supported, and doesn't fall back to using plain-text transmission upon receiving that response, hence the reason why connectivity with the mail server is not happening. This behaviour was definitely different in previous versions of Thunderbird.
Stancestans is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 12-04-2019, 07:02 PM   #4
Registered Member
 
lucidoobe's Avatar
 
Join Date: Jun 2008
Location: Australia
Posts: 351
OS: Win10


Send a message via Skype™ to lucidoobe

Well, I can state definitely that STARTTLS was working on TPG IMAP server before the false email with all their headings nullified it after I tried forwarding to them. Then one by one, all PC's on the home LAN failed STARTTLS, like it followed across from the NAS. I have workable email however, but there's a big question mark as to what happened?
lucidoobe is offline   Reply With Quote
Old 12-04-2019, 10:53 PM   #5
Moderator TSF
Hardware Team Moderator
 
Stancestans's Avatar
 
Join Date: Apr 2009
Posts: 4,705
OS: Windows 10



Quote:
Originally Posted by lucidoobe View Post
Well, I can state definitely that STARTTLS was working on TPG IMAP server before the false email with all their headings nullified it after I tried forwarding to them. Then one by one, all PC's on the home LAN failed STARTTLS, like it followed across from the NAS. I have workable email however, but there's a big question mark as to what happened?
I don't understand what the NAS has to do with anything. Is your Thunderbird profile stored on the NAS, and all PCs on your network are using the same profile location? If that's the case, then it makes sense that any changes you make to the profile will reflect across all Thunderbird installations that use the same profile location. If that is not the case, and each PC has its own local profile in use by Thunderbird, then the one change that affects all PCs in this context is the version of Thunderbird (nightly build), which brings me to the question I've been meaning to ask. Why are you running the daily/nightly build of Thunderbird instead of the release build? What do you hope to achieve by using this build and do you understand the implications of using the nightly build? If you're not beta-testing Thunderbird, then running a nightly build may not be the best decision because you don't seem prepared to handle unexpected changes in how Thunderbird works as it gets updated daily/nightly.

Like I said before, Thunderbird must have changed how it implements STARTTLS. By the way, STARTTLS is NOT an encryption protocol like you seem to think. It is simply a COMMAND that is used to upgrade a connection from a plain-text insecure one to an encrypted secure one IF SUPPORTED by the target (ISP) server.

When you set Thunderbird's security option to STARTTLS, you are not telling it to specifically use a secure connection, you're simply telling it to issue the STARTTLS command to the target server, which basically asks the server whether it supports a secure connection, and which encryption protocol it supports (SSL, TLS or none).

If the server responds positively, saying it supports a secure connection, then the client goes ahead to upgrade the connection to a secure one, using the protocol that the server says it supports.

If the server responds negatively, saying it doesn't support a secure connection, then the client will either stop further insecure communication with the server or will just continue using the insecure connection to communicate with the server. This behaviour will differ from one client to another, and between different versions of the client.

How the client implements STARTTLS is beyond your control. Maybe Thunderbird is taking security a notch higher by stopping further insecure communication when the target server responds negatively to the STARTTLS command, hence why the STARTTLS setting is not working for you anymore. Also, remember, that even though the STARTTLS setting worked before, it doesn't mean that Thunderbird was using a secure connection. Like I said, STARTTLS is not an encryption protocol itself. It's just a command that is issued by the client to the server. Since your ISP evidently doesn't yet support secure communications, then Thunderbird has all along been using an insecure connection to talk to your ISP's server. There's nothing you can do to force the ISP server to use a secure connection IF it DOESN'T support it. Read more about STARTTLS here https://www.limilabs.com/blog/ssl-vs...-starttls-stls to better understand what it is.

Your screenshots show you have multiple outgoing servers configured, and the default one is using port 465 instead of 25. TPG says the port to use is 25. Where did you get the 465 from? Is there another source of information with the secure settings for TPG email that we're not aware of? Stick to what is officially supported by your ISP, or migrate to a more secure email provider. I find it preposterous that a whole ISP does not support secure communications, unless it's a premium feature that you need to pay extra for. Please ask TPG, they are better placed to clarify this because all we have is what is publicly and officially available on their website. Insecure settings are working, and it's what TPG says to use. This is NOT a Thunderbird issue, nor the NAS' nor malware. If you're in doubt, run a full scan of the NAS.
lucidoobe likes this.
Stancestans is offline   Reply With Quote
Old 12-05-2019, 01:24 PM   #6
Registered Member
 
lucidoobe's Avatar
 
Join Date: Jun 2008
Location: Australia
Posts: 351
OS: Win10


Send a message via Skype™ to lucidoobe

Well OK I can get a release version of TB and get rid of Daily. Port 465 and STARTTLS did work perfect before the hack email posing as TPG did whatever it did? TPG don't really care as long as their webmail gives me access.

I have to go to family tomorrow so I guess I will change over when I get back in Aus.

Thank you.
lucidoobe is offline   Reply With Quote
Old 12-07-2019, 09:46 AM   #7
Moderator TSF
Hardware Team Moderator
 
Stancestans's Avatar
 
Join Date: Apr 2009
Posts: 4,705
OS: Windows 10



You can try the unofficial secure settings given here https://www.emailsettings.email/sear...email-settings and see if they work. Set connection security to SSL/TLS instead of STARTTLS. The ports given on that site are the default ones used for secure mail connections, so it might just be an educated guess by whoever published them there. If they work, well and good, if they don't, there isn't much you can do about it, except migrate to a secure provider or use a second provider as a relay/intermediate client to access your ISP mailbox indirectly. For example, you could use Microsoft's Outlook Mail service to fetch emails from your basic ISP mail account. This can also serve as a backup of your ISP mailbox, not to mention you'll benefit from Outlook's superior spam filters compared to what your ISP is offering.
Stancestans is offline   Reply With Quote
Old 12-08-2019, 01:54 PM   #8
Registered Member
 
lucidoobe's Avatar
 
Join Date: Jun 2008
Location: Australia
Posts: 351
OS: Win10


Send a message via Skype™ to lucidoobe

Thank you for the settings info. I am actually using the Windows10 email client "MAIL" and accessing the TPG IMAP email through it while I am overseas.
lucidoobe is offline   Reply With Quote
Old 12-08-2019, 07:17 PM   #9
Registered Member
 
lucidoobe's Avatar
 
Join Date: Jun 2008
Location: Australia
Posts: 351
OS: Win10


Send a message via Skype™ to lucidoobe

downloaded a new release version of TBird 64-bit. Ran it with your settings SSL/TLS successfully. On laptop only, stable with Local folders accessed too.

Deleted Daily TBird.

I will leave this job open until I get back home and do the complete LAN accordingly.

Much relieved.
lucidoobe is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 10:47 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts