Open Bug 1149101 Opened 6 years ago Updated 4 years ago
[autoconfig] When automatically configuring new email accounts TLS should be preferred to STARTTLS
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0 Build ID: 20150321175551 Steps to reproduce: Thunderbird 31.5 - Go to the left hand pane, which shows the email accounts and folders in them - Right click on an email account, a new window will appear - Go to the drop down menu at the bottom of the left hand column labelled Account Actions - Select Add mail account... - In the add mail account window which opens put in: Account actions->Add mail account - Put in any name, XXXXXX@runbox.com (or any random *runbox* address), any password click continue in the bottom right hand of the add mail account window The box will then be modified with Configuration found at email provider, and the configuration which was found. This bug relates to the line which says "Outgoing". Actual results: SMTP account setting is Outgoing: SMTP, secure.runbox.com, STARTTLS (runbox.com may be displayed if you don't have a runbox account set up already, but this doesn't matter) Expected results: SMTP account setting should choose TLS in preference to STARTTLS where both are offered by the SMTP server. My email client offers both TLS and STARTTLS for SMTP. When I get Thunderbird to automatically probe it to find the settings when recreating the account in Thunderbird it offers me STARTTLS by default. It should offer TLS by default if both are available because STARTTLS can, and has been, subverted by ISPs who clear the STARTTLS flag in SMTP requests so that the mail is transferred unencrypted. See, for example, http://www.theregister.co.uk/2014/11/12/customers_email_encryption_stripped_out_by_isps/
Component: Untriaged → Account Manager
Summary: When automatically configuring new email accounts TLS should be preferred to STARTTLS → [autoconfig] When automatically configuring new email accounts TLS should be preferred to STARTTLS
Thunderbird uses the first "outgoingServer" section in the provider's "config-v1.1.xml", there's no problem with this (@see https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat#Multiple_servers). Two solutions: - SMTP with SSL should be added first in the autoconfig file, so it will have the priority - never add an SMTP with STARTTLS entry Thunderbird is not the problem here.
You need to log in before you can comment on or make changes to this bug.