Closed Bug 1612081 Opened 5 years ago Closed 5 years ago

thunderbird don't collect messages , version 73.0b1 (64-bit)/ OSX Mojave

Categories

(Thunderbird :: Untriaged, defect)

Product:
Thunderbird
Component:
Untriaged
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: langmc, Unassigned)

Details

(Whiteboard: [tls1.2 required] [pop.free.fr])

Attachments

(1 file)

Capture d’écran 2020-01-28 à 10.46.17.png
797.39 KB, image/png
Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:72.0) Gecko/20100101 Firefox/72.0

Steps to reproduce:

I launch IT

Actual results:

Nothing, It just indicate 'connected to free.fr'

In the console 'configd dhcp_arp_router: en1 SSID unavailable

Expected results:

Nothing, no connection

Removing security flag, as this isn't about a security incident, but a simple connectivity failure.

Not sure what's causing this. Any chance the mail server port uses an invalid TLS certificate (untrusted/expired/missing intermediate/etc.)?

Group: mail-core-security

What can I do to fix this problem?

I made the transfer to Mail.app, but I prefer Thunderbird.

I assume this is for the free.fr server.
This is because is doesn't have a decent ssl version (TLS 1.2 now required). As a workaround you can set security.tls.version.min 1

nmap --script ssl-enum-ciphers -p 995 pop.free.fr
Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 15:36 EET
Nmap scan report for pop.free.fr (212.27.48.3)
Host is up (0.051s latency).
Other addresses for pop.free.fr (not scanned): 2a01:e0c:1::110

PORT STATE SERVICE
995/tcp open pop3s
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| CBC-mode cipher in SSLv3 (CVE-2014-3566)
| Key exchange (dh 1024) of lower strength than certificate key
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| Key exchange (dh 1024) of lower strength than certificate key
|_ least strength: C

Whiteboard: [tls1.2 required]
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → INVALID

"As a workaround you can set security.tls.version.min 1"

How, I do this ?

With the terminal or otherwise !!!

Under Options, use the Config Editor

Whiteboard: [tls1.2 required] → [tls1.2 required] [pop.free.fr]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: