Incorrect autoconfiguration (no encryption) selected for maxq.uk
Categories
(Thunderbird :: Account Manager, defect)
Tracking
(thunderbird_esr115 fixed, thunderbird124 wontfix)
People
(Reporter: lzqhwo, Assigned: mkmelin)
References
Details
Attachments
(1 file)
48 bytes,
text/x-phabricator-request
|
wsmwk
:
approval-comm-esr115+
|
Details | Review |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Steps to reproduce:
I added a newly created Ionos email account for a newly created domain name to Thunderbird.
Actual results:
The IMAP server configuration was successfully retrieved but encryption was disabled for both IMAP and SMTP.
DNS entries:
example.com. 3600 IN MX 10 mx01.ionos.co.uk.
example.com. 3600 IN MX 10 mx00.ionos.co.uk.
example.com. 3600 IN TXT "v=spf1 include:_spf-eu.ionos.com ~all"
_domainconnect.example.com. 3600 IN CNAME _domainconnect.ionos.com.
autodiscover.example.com. 3600 IN CNAME adsredir.ionos.info.
Expected results:
Encryption should be enabled for both IMAP and SMTP.
Also, the pop-up message said "Thunderbird found your account setup information on 1and1.info. Do you want to proceed and submit your credentials?".
1and1 is now called Ionos.
Assignee | ||
Comment 2•8 months ago
|
||
Tried setting up for foo@ionos.co.uk
It set me up with encryption (I assume) correctly.
Could you try setting up user@maxq.uk in Thunderbird ?
Assignee | ||
Comment 4•8 months ago
|
||
Right, that will set them to not use encryption.
But it's not through DNS. This is found through the Exchange autoconfiguration mechanism.
Does that mean any fix you apply will only apply to my mailbox, and not any other mailboxes hosted on Ionos?
Assignee | ||
Comment 6•8 months ago
|
||
We end up with
curl 'https://user%40maxq.uk@autodiscover.1and1.info/Autodiscover/Autodiscover.xml' --compressed -X POST -H 'Accept: */*' -H 'Accept-Language: en-US,en;q=0.5' -H 'Accept-Encoding: gzip, deflate, br' -H 'Content-Type: text/xml; charset=utf-8' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0 Thunderbird/124.0a1' -H 'Connection: keep-alive' --data-raw $'<?xml version="1.0" encoding="utf-8"?>\n <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">\n <Request>\n <EMailAddress>user@maxq.uk</EMailAddress>\n <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>\n </Request>\n </Autodiscover>'
The response looks like it wants ssl to be used, so not sure why that's not happening.
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover
xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response
xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<User>
<DisplayName/>
<AutoDiscoverSMTPAddress>user@maxq.uk</AutoDiscoverSMTPAddress>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>IMAP</Type>
<LoginName>user@maxq.uk</LoginName>
<Encryption>SSL</Encryption>
<Port>993</Port>
<Server>imap.ionos.co.uk</Server>
<SPA>off</SPA>
<TTL>0</TTL>
</Protocol>
<Protocol>
<Type>POP</Type>
<LoginName>user@maxq.uk</LoginName>
<AuthRequired>on</AuthRequired>
<Encryption>SSL</Encryption>
<Port>995</Port>
<Server>pop.ionos.co.uk</Server>
<SPA>off</SPA>
<TTL>0</TTL>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<LoginName>user@maxq.uk</LoginName>
<Encryption>Auto</Encryption>
<Port>587</Port>
<Server>smtp.ionos.co.uk</Server>
<SPA>off</SPA>
<UsePOPAuth>on</UsePOPAuth>
<TTL>0</TTL>
</Protocol>
</Account>
</Response>
</Autodiscover>
I agree, it looks like an issue with the way Thunderbird interprets the response. My understanding is that all Ionos-hosted mailboxes being added to Thunderbird will have this suggestion of encryption disabled.
On a separate point, Autodiscover seems to be a useful protocol for spammers to discover which usernames have a mailbox on any given domain:
curl 'https://foo%40maxq.uk@autodiscover.1and1.info/Autodiscover/Autodiscover.xml' --compressed -X POST -H 'Accept: */*' -H 'Accept-Language: en-US,en;q=0.5' -H 'Accept-Encoding: gzip, deflate, br' -H 'Content-Type: text/xml; charset=utf-8' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0 Thunderbird/124.0a1' -H 'Connection: keep-alive' --data-raw $'<?xml version="1.0" encoding="utf-8"?>\n <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">\n <Request>\n <EMailAddress>foo@maxq.uk</EMailAddress>\n <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>\n </Request>\n </Autodiscover>'
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="13:25:07.0000597" Id="574778630411619">
<ErrorCode>500</ErrorCode>
<Message>Wrong password or email address cannot be found. The Autodiscover server cannot determine how to provide configuration information for the requested email address.</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
Assignee | ||
Comment 9•8 months ago
|
||
This element is apparently not supported after Outlook2016.
Test it using user@maxq.uk (no password)
Updated•8 months ago
|
Comment 10•7 months ago
|
||
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/249fc283143d
Support Encryption element for imap/pop3/smtp exchange autodiscovery. r=leftmostcat
Assignee | ||
Updated•7 months ago
|
Assignee | ||
Comment 11•7 months ago
|
||
Comment on attachment 9377616 [details]
Bug 1876992 - Support Encryption element for imap/pop3/smtp exchange autodiscovery. r=#thunderbird-reviewers
[Approval Request Comment]
Regression caused by (bug #): never worked
User impact if declined: autoconfig may suggest unencrypted when encrypted was available
Testing completed (on c-c, etc.): c-c, beta
Risk to taking this patch (and alternatives if risky): very safe
Updated•6 months ago
|
Comment 12•6 months ago
|
||
Comment on attachment 9377616 [details]
Bug 1876992 - Support Encryption element for imap/pop3/smtp exchange autodiscovery. r=#thunderbird-reviewers
[Triage Comment]
Approved for esr115
Comment 13•6 months ago
•
|
||
bugherder uplift |
Thunderbird 115.10.0:
https://hg.mozilla.org/releases/comm-esr115/rev/4862ffae121b
Description
•