Closed Bug 1682778 Opened 4 years ago Closed 4 years ago

Cannot connect to IMAPS account after upgrading to 78 (due to ESET/NOD32 security/AV interference)

Categories

(Thunderbird :: Account Manager, defect)

Product:
Thunderbird
Component:
Account Manager
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: carlo, Unassigned)

Details

Attachments

(2 files)

thunderbird.txt
24.01 KB, text/plain
Details
imap.log.moz_log
5.65 MB, text/plain
Details
Attached file thunderbird.txt

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0

Steps to reproduce:

Upgrade to Thunderbird 78 from 68

Actual results:

The imaps account gets stuck. No download of new mail. If I cancel the saved password, no new password is asked, suggesting that the login step is not reached.
If I try to recreate the account, Thunderbird cannot reach or identify the server.
Disabling Antivirus/Firewall has no effect on this behaviour.

Attached file imap.log.moz_log
Flags: needinfo?(carlo)

Hi, thank you.
Forcing older TLS protocol doesn't help. If I revert to Thunderbird 68 the account works correctly.
I've attacched the required debug file.

Attachment #9193439 - Attachment mime type: application/octet-stream → text/plain

You also checked https://support.mozilla.org/en-US/kb/cannot-send-messages ?

Flags: needinfo?(carlo)

There is no problem in sending messages, SMTPS protocol works correctly. Thanks.

Flags: needinfo?(carlo)

Sorry, i sent the wrong link. See https://support.mozilla.org/en-US/kb/cannot-receive-messages

Flags: needinfo?(carlo)

Yes, I tried with no results. Account is still not working.

Flags: needinfo?(carlo)

first attachment says you are using ESET and there is a known problem with ESET.
If you are using ESET/NOD32 security/AV then probability is very high it is causing your problems.
Exit Thunderbird.
According to their forums, you should temporarily disable SSL until they solve the problem per https://support.eset.com/en/kb3126-disable-ssl-filtering-in-eset-windows-products?ref=esf - the problem is being reported by dozens of users https://forum.eset.com/topic/26517-problems-with-thunderbird-and-imaps/ https://forum.eset.com/discover/

You are right, and I owe you an apology for bothering you all.
The problem was well known, and in fact SSL mail check was disabled on all computers long time ago. Probably it was re-enabled during an update, but everything worked with 68, and so nobody noticed. During my checks, by disabling real time protection I thought I had disabled mail check too, but clearly it was not so.

Anyway, the incompatibility of Thunderbird with almost any commercial antivirus software is becoming a major problem in all production environments. I hope developers can find a solution sooner or later.

Thank you.

The onus is with the Anti-Virus to ensure it does what it claims. You will probably find that ESET will already be looking into this.

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → INVALID
Summary: Cannot connect to IMAPS account after upgrading to 78 → Cannot connect to IMAPS account after upgrading to 78 (due to ESET/NOD32 security/AV interference)

(In reply to carlo from comment #9)

You are right, and I owe you an apology for bothering you all.
The problem was well known, and in fact SSL mail check was disabled on all computers long time ago. Probably it was re-enabled during an update, but everything worked with 68, and so nobody noticed. During my checks, by disabling real time protection I thought I had disabled mail check too, but clearly it was not so.

This issue has nothing to do with ESET email settings, it is the scanning of all SSL/TLS encrypted connection that is the issue.

Anyway, the incompatibility of Thunderbird with almost any commercial antivirus software is becoming a major problem in all production environments. I hope developers can find a solution sooner or later.

The mailDir like file per email storage will go a long way towards alleviating many of the anti-virus woes as it will automatically shrink the size of the files involved. Usually from more than a gigabyte to a few kilobytes.

A large part of the problem is anti-virus scanning of huge files, on slow disks, is slow, often in the realms of 10 minutes per gigabyte scanned. So an update to an inbox file to append the new mail triggers a 10 minute operation to scan it, or a 40 minute one for a 4 Gb file. In a normal Thunderbird setup the file will be due for another update before the scan ends. At the very least there is a another process using clock cycles doing not very much useful. If you move the email from the inbox to some other folder then you have two scanning operations in progress.

However, In the case of Eset I have resorted to the exemption the Thunderbird processes from scanning because in all I am tired of anti virus products that just can not do their job without intrusive features. My web browser is vulnerable because it runs scripts in the HTML. My mail client is not so much because it does not.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: