IMAP login fails with Exchange 2003 (but works withough SSL/TLS)

RESOLVED WONTFIX

Status

Thunderbird
Untriaged
RESOLVED WONTFIX
3 years ago
a year ago

People

(Reporter: j.loh, Unassigned)

Tracking

({regression})

38 Branch
x86
Windows 7
regression

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:39.0) Gecko/20100101 Firefox/39.0
Build ID: 20150630154324

Steps to reproduce:

Since updating to Thunderbirtd 38.0.1, IMAP login to an Exchange 2003 server fails.  Downgrading back to 31.7.0 works around the problem.  Thunderbird 38.1.0 has the same problem.

With Tunderbird 38.0.1, after a click to e.g. Inbox, the status bar says: "Überprüfe den Funktionsumfang des Mail-Servers" (German message).  That's all, no acces to mails is possible.

In the IMAP logs below, I replaced the original doman names with domain-name.example.


Actual results:

IMAP log of Thunderbird 38.0.1 (I terminated Thunderbird after waiting some seconds):

5648[13a81f70]: ImapThreadMainLoop entering [this=9253000]
0[1611140]: 9253000:mail.domain-name.example:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN
5648[13a81f70]: 9253000:mail.domain-name.example:NA:ProcessCurrentURL: entering
5648[13a81f70]: 9253000:mail.domain-name.example:NA:ProcessCurrentURL:imap://j%2Eloh@mail.domain-name.example:993/select%3E/INBOX:  = currentUrl
5648[13a81f70]: ReadNextLine [stream=9dbebf0 nb=131 needmore=0]
5648[13a81f70]: 9253000:mail.domain-name.example:NA:CreateNewLineFromSocket: * OK Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version 6.5.7638.1 (av-sbs1.DomainName.local), steht zur Verfügung.

5648[13a81f70]: 9253000:mail.domain-name.example:NA:SendData: 1 capability

5648[13a81f70]: ReadNextLine [stream=9dbebf0 nb=0 needmore=1]
5648[13a81f70]: 9253000:mail.domain-name.example:NA:CreateNewLineFromSocket: clearing IMAP_CONNECTION_IS_OPEN - rv = 804b0010
5648[13a81f70]: 9253000:mail.domain-name.example:NA:TellThreadToDie: close socket connection
5648[13a81f70]: 9253000:mail.domain-name.example:NA:CreateNewLineFromSocket: (null)
5648[13a81f70]: 9253000:mail.domain-name.example:NA:ProcessCurrentURL: aborting queued urls
5648[13a81f70]: ImapThreadMainLoop leaving [this=9253000]



Expected results:

IMAP log of Thunderbird 31.7.0:

7864[11ec98a0]: ImapThreadMainLoop entering [this=113c2800]
0[80f140]: 113c2800:mail.domain-name.example:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:ProcessCurrentURL: entering
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:ProcessCurrentURL:imap://j%2Eloh@mail.domain-name.example:993/select%3E/INBOX:  = currentUrl
7864[11ec98a0]: ReadNextLine [stream=def1708 nb=131 needmore=0]
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:CreateNewLineFromSocket: * OK Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version 6.5.7638.1 (av-sbs1.DomainName.local), steht zur Verfügung.

7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:SendData: 1 capability

7864[11ec98a0]: ReadNextLine [stream=def1708 nb=115 needmore=0]
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:CreateNewLineFromSocket: * CAPABILITY IMAP4 IMAP4rev1 IDLE LOGIN-REFERRALS MAILBOX-REFERRALS NAMESPACE LITERAL+ UIDPLUS CHILDREN AUTH=NTLM

7864[11ec98a0]: ReadNextLine [stream=def1708 nb=28 needmore=0]
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:CreateNewLineFromSocket: 1 OK CAPABILITY completed.

7864[11ec98a0]: try to log in
7864[11ec98a0]: IMAP auth: server caps 0x186235, pref 0x0, failed 0x1006, avail caps 0x0
7864[11ec98a0]: (GSSAPI = 0x1000000, CRAM = 0x0, NTLM = 0x20000, MSN =  0x0, PLAIN = 0x100000, LOGIN = 0x0, old-style IMAP login = 0x200000)auth external IMAP login = 0x0
7864[11ec98a0]: trying auth method 0x4
7864[11ec98a0]: got new password
7864[11ec98a0]: IMAP: trying auth method 0x4
7864[11ec98a0]: old-style auth
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:SendData: Logging suppressed for this command (it probably contained authentication information)
7864[11ec98a0]: ReadNextLine [stream=def1708 nb=23 needmore=0]
7864[11ec98a0]: 113c2800:mail.domain-name.example:NA:CreateNewLineFromSocket: 3 OK LOGIN completed.

7864[11ec98a0]: login succeeded
7864[11ec98a0]: 113c2800:mail.domain-name.example:A:SendData: 4 namespace
[..]
(Reporter)

Updated

3 years ago
OS: Unspecified → Windows 7
Hardware: Unspecified → x86

Comment 1

3 years ago
Same problem.
Windows 7.
Started with 38.0.1, and continues into 38.1.0.

Updated

3 years ago
Keywords: regression
(Reporter)

Comment 2

3 years ago
Does anybody care about this regession?

For me it's a significant drawback that I no longer can acces my Outlook 2003 IMAP server.  I know that it reached the end of its lifecycle, but does this justify that Thunderbird does no longer support it?
(Reporter)

Comment 3

3 years ago
Problem still exists with Thunderbird 38.2.0
(Reporter)

Comment 4

2 years ago
Regression still exists with Thunderbird 38.3.0
(In reply to j.loh from comment #0)

From perspective of IMAP client(Thunderbird), what can IMAP client do when response to "1 CAPABILITY" can not normally receive from server?

Can you check IMAP log with timestamp?
   imap:5 => timestamp,imap:5

Because server looks old server, and because phenomenon when Tb sent data to server, it may be a result of "security fix for attack in SSL".
   Old Tb : Send data in one block.
   New Tb : Send first several bytes, then send remaining data, to protect from attack.
            If fix for such security fix in IMAP clients is not applied at server,
            server may fail to normally receive "1 CAPABILITY" command from client.
(Reporter)

Comment 6

2 years ago
(In reply to WADA from comment #5)

Does this help?

set NSPR_LOG_MODULES=timestamp,imap:5


2015-10-01 11:11:56.665000 UTC - 8148[14a68e20]: ImapThreadMainLoop entering [this=16004000]
2015-10-01 11:11:56.665000 UTC - 0[1c11140]: 16004000:mail.domain-name.example:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN
2015-10-01 11:11:56.665000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:ProcessCurrentURL: entering
2015-10-01 11:11:56.665000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:ProcessCurrentURL:imap://j%2Eloh@mail.domain-name.example:993/select%3E/INBOX:  = currentUrl
2015-10-01 11:11:56.905000 UTC - 8148[14a68e20]: ReadNextLine [stream=16072240 nb=131 needmore=0]
2015-10-01 11:11:56.905000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:CreateNewLineFromSocket: * OK Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version 6.5.7638.1 (domain-name.example.local), steht zur Verfügung.

2015-10-01 11:11:56.905000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:SendData: 1 capability

2015-10-01 11:12:50.259000 UTC - 8148[14a68e20]: ReadNextLine [stream=16072240 nb=0 needmore=1]
2015-10-01 11:12:50.259000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:CreateNewLineFromSocket: clearing IMAP_CONNECTION_IS_OPEN - rv = 804b0010
2015-10-01 11:12:50.259000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:TellThreadToDie: close socket connection
2015-10-01 11:12:50.259000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:CreateNewLineFromSocket: (null)
2015-10-01 11:12:50.359000 UTC - 8148[14a68e20]: 16004000:mail.domain-name.example:NA:ProcessCurrentURL: aborting queued urls
2015-10-01 11:12:50.439000 UTC - 8148[14a68e20]: ImapThreadMainLoop leaving [this=16004000]


Again I replaced the original domain names with domain-name.example.
(Reporter)

Comment 7

2 years ago
(In reply to WADA from comment #5)
> Because server looks old server, and because phenomenon when Tb sent data to
> server, it may be a result of "security fix for attack in SSL".
>    Old Tb : Send data in one block.
>    New Tb : Send first several bytes, then send remaining data, to protect from attack.
>             If fix for such security fix in IMAP clients is not applied at server,
>             server may fail to normally receive "1 CAPABILITY" command from client.

Probably you're right.  When I switch off SSL/TLS I can acces my Exchange 2003 server again.

Comment 8

2 years ago
Exchange 2003 is EOL since April 8, 2014, so I suppose it didn't get any logjam etc security fixes.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
Summary: IMAP login fails with Exchange 2003 → IMAP login fails with Exchange 2003 (but works withough SSL/TLS)

Comment 9

2 years ago
Sadly, since this is now WONTFIX and work only supports SSL/TLS, I can no longer use Thunderbird. Goodbye. :(
(Reporter)

Comment 10

a year ago
Finally I found a workaround.  Davmail works with Exchange 2003 and Thunderbird:
http://davmail.sourceforge.net/
You need to log in before you can comment on or make changes to this bug.