Unable to set up IMAP over SSL using the New Account Wizard

RESOLVED FIXED in Thunderbird 3.0b3

Status

Thunderbird
Account Manager
P1
major
RESOLVED FIXED
14 years ago
8 years ago

People

(Reporter: mkhusid, Assigned: Bienvenu)

Tracking

(Blocks: 1 bug)

Trunk
Thunderbird 3.0b3
Dependency tree / graph
Bug Flags:
blocking-thunderbird3 +

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(4 attachments, 13 obsolete attachments)

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20030916
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20030916

The New Account Wizard does not allow to set up IMAP-SSL server.

This problem may seem as something cosmetic for a single user application (just
go to Tools/Account Settings, prefs.js and fix it), but it is nearly a
showstopper for a multi-user deployment. I am working on a site with up to
several hundred users now. The site OS are Redhat Linux and Solaris 9.

Reproducible: Always

Steps to Reproduce:
1. Run a new installation of Thunderbird. A new account wizard (inherited from
mailnews) pops up.
2. Set up incoming server type as IMAP and incoming server as your-server.ip
3. Complete the wizard.


Actual Results:  
Thunderbird assumes that a server is non-SSL and defaults to port 143.
A few unacceptable things happen:
1. A password is prompted. My presumption if user enters password, it will be
sent unencrypted via the network. BAD IDEA.
2. The server will not validate the logon (the server is supposed to tell client
that no connections are accepted on port 143).
3. A user gets an error message that the password is wrong. An error message
itself is quite misleading.

Expected Results:  
Allow to set up SSL type of the incoming server.
(Reporter)

Comment 1

14 years ago
Forgot to mention. I posted on forums.mozillazine.org but got no reply. I can
volunteer to implement a fix myself if someone can guide me in the right dimension.

Comment 2

13 years ago
I agree that this is a very serious problem for many naive users. At least some
very widely used IMAP servers disallow unencrypted connections; I think this is
actually required by the IMAP spec. So the new account wizard should
*definitely* ask the user if the connection is to be encrypted. Better yet, it
should try it both ways and figure it out on its own.

Also, some imap servers (like uw-imapd) require the client to present a
directory name where the IMAP folders are kept, and will not work without it.
This is common enough that the new account wizard should prompt for this setting
as well.

Comment 3

13 years ago
Created attachment 154248 [details]
AccountWizard.dtd

Comment 4

13 years ago
this has been an annoyance for me too for some time.  i have some code that
might be a fix.  i'm new to xul and javascript, though - some review would be
nice.  seems to be working for me.

there's a modified locale dtd - i only did en-US.

i haven't contributed before, so i don't know the mechanics.  i attached some diffs:

/mozilla/mailnews/base/prefs/resources/locale/en-US/AccountWizard.dtd
/mailnews/base/prefs/resources/content/AccountWizard.js
/mailnews/base/prefs/resources/content/AccountWizard.xul
/mailnews/base/prefs/resources/content/aw-server.js
/mailnews/base/prefs/resources/content/aw-done.js

Updated

13 years ago
Attachment #154248 - Attachment description: diff → AccountWizard.dtd

Comment 5

13 years ago
Created attachment 154249 [details]
AccountWizard.js

Comment 6

13 years ago
Created attachment 154250 [details]
AccountWizard.xul

Comment 7

13 years ago
Created attachment 154251 [details]
aw-done.js

Comment 8

13 years ago
Created attachment 154252 [details]
aw-server.js

Comment 9

13 years ago
Can you add an attachment of a screenshot ?

Updated

13 years ago
Blocks: 124935

Comment 10

13 years ago
Created attachment 154564 [details]
screenshot - account wizard - server

Comment 11

13 years ago
Created attachment 154565 [details]
screenshot - acct wiz - "done" page

Comment 12

13 years ago
i should mention that i made the code changes to:  Mozilla 1.8a3, build 2004072106

so, this isn't against the thunderbird code.  my assumption was that this is
something we'd want in moz and thunderbird, and thunderbird branches off of
mozilla, correct?

lloyd, you have to ask for reviews:

http://www.mozilla.org/hacking/code-review-faq.html
Summary: Unable to setup IMAP over SSL using the New Account Wizard → Unable to set up IMAP over SSL using the New Account Wizard
(Assignee)

Comment 14

13 years ago
Lloyd, can we get one complete -u diff for all your changes? I think this
enhancement is something we want...

Comment 15

13 years ago
sorry, i'm not even sure if i have the code anymore.  it's been about 18 months.
 i'm not merging this into my own build, i just offered the code in hopes that
it would find itself into the regular build (or at least inspire someone else to
improve/rewrite it), since it's an issue we ran into repeatedly with our users.

hopefully the code that's there is useful, though i suspect someone who's had
more than about an hour of familiarity with the codebase (which is about what i
had) should be able to polish it off pretty quickly.

IAC, i'll search my drive at work in the next couple days.

Comment 16

13 years ago
Created attachment 185891 [details]
mockup of serverinfo page: pop vs imap, pop too long

I have been looking into this. I guess we should allow TLS and secure
authentication also. Problem is, for POP the server info page becomes too long.


So, something would have to move
- move smtp server setting to page of its own?
- global inbox settings?

What do you think?

Comment 17

13 years ago
Created attachment 186130 [details] [diff] [review]
proposed fix

Went ahead and created a patch. This patch
- adds the security options for pop/imap
- also adds a checkbox for secure news 
- moves the global inbox setting to the finish page

This needs both r and sr right?

Updated

13 years ago
Attachment #186130 - Flags: superreview?(mscott)
Attachment #186130 - Flags: review?(bienvenu)

Comment 18

13 years ago
Created attachment 186131 [details]
Screenshots for the patch in attachment 186130 [details] [diff] [review]
(Assignee)

Comment 19

13 years ago
Comment on attachment 186130 [details] [diff] [review]
proposed fix

switching r/sr - no sense in my looking at this if Scott doesn't want it :-)
Attachment #186130 - Flags: superreview?(mscott)
Attachment #186130 - Flags: superreview?(bienvenu)
Attachment #186130 - Flags: review?(mscott)
Attachment #186130 - Flags: review?(bienvenu)

Updated

11 years ago
Depends on: 170520

Comment 20

11 years ago
David, maybe you can push mscott to at least take a look at this and drop a short statement why this is not feasible/considered?
(Assignee)

Comment 21

11 years ago
For the next release, we should consider this.  Ideally, we'd do an auto-detection of whether SSL or TLS works, and auto-configure.

Comment 22

11 years ago
David, thanks. you refer with "next release" to thunderbird 2 or next 1.8.0 branch release?
(Assignee)

Comment 23

11 years ago
neither - the next (probably major) release after 2.0
QA Contact: front-end

Comment 24

10 years ago
(In reply to comment #21)
> For the next release, we should consider this.  Ideally, we'd do an
> auto-detection of whether SSL or TLS works, and auto-configure.

I found this filed as bug 394487 along with a suggestion for a possible scan order. Judging from the increasing number of "cannot connect" posts at MZ forums, and the fact that more and more providers are requiring encryption these days, having more options in the initial account setup is crucial. First-time users may be frustrated twice by first not finding any option in the account wizard to specify the port and encryption method obtained from their providers, then again when the first connection fails. Taking the guesswork out by a scanning mechanism would certainly be the best solution, I agree.

A few more thoughts:
 - Include SMTP in this bug, as providers are more likely to require encryption also for outgoing e-mails these days.
 - Offer port options rather than just encryption, e.g., TLS may be on either port 25 or 587; or, add the port to the attachment 186131 [details] layout.

Possible port options to select in the account wizard:
 - POP3:  110 (implies try TLS), 995 (use SSL)
 - IMAP:  143 (implies try TLS), 993 (use SSL)
 - SMTP:   25 (implies try TLS), 465 (use SSL), 587 (try TLS)

Note that none of the options has "no encryption" by default, assuming the "try TLS" option can be used if TLS is not supported by the server. 

Updated

10 years ago
Assignee: mscott → nobody
Component: Mail Window Front End → Account Manager
QA Contact: front-end → account-manager
Nominating for Tbird 3.
Flags: blocking-thunderbird3?

Comment 26

10 years ago
as google is rolling out free imap over ssl to access gmail accounts this suddenly becomes rathter more important... as this convoluted setup instruction reflects:

http://mail.google.com/support/bin/answer.py?answer=77662

Comment 27

10 years ago
Supporting comment #25. However, ideally a solution for the next major release should extend the options for all three protocols (IMAP, POP, SMTP) in the Account Wizard.

Updating the special setup dialogs for Gmail's new IMAP access is handled in bug 400931 as an enhancement request. Given that many - if not most - providers require special port and encryption settings for their services, the issue goes well beyond Gmail. It seems more desirable though to have a solid generic setup interface than trying to provide separate ISP-specific "easy setup" dialogs.

Comment 28

10 years ago
Comment on attachment 186130 [details] [diff] [review]
proposed fix

Obsoleting, badly bitrotted.
Attachment #186130 - Attachment is obsolete: true
Attachment #186130 - Flags: superreview?(bienvenu)
Attachment #186130 - Flags: review?(mscott)

Updated

10 years ago
Duplicate of this bug: 426497

Updated

10 years ago
Duplicate of this bug: 383841

Comment 31

10 years ago
Created attachment 314031 [details] [diff] [review]
patch
Attachment #314031 - Flags: review?(neil)

Comment 32

10 years ago
Created attachment 314032 [details]
SmtpServerSetting.js

Put this file under mailnews/base/prefs/resources/content

Comment 33

10 years ago
Created attachment 314034 [details]
SmtpServerSettings.xul

Put this file under mailnews/base/prefs/resources/content

Updated

10 years ago
Attachment #314032 - Attachment description: new file → SmtpServerSetting.js

Comment 34

10 years ago
Created attachment 314036 [details]
screenshot

Comment 35

10 years ago
Created attachment 314037 [details]
screenshot

Comment 36

10 years ago
Boying: to include new files in the patch you can use the "cvsdo add" command and generate the patch with something like cvs diff -upN9. (cvsdo is part of cvsutils)

Also, "Advance" should probably be "Advanced..." 

Updated

10 years ago
Attachment #314031 - Attachment is obsolete: true
Attachment #314031 - Flags: review?(neil)

Updated

10 years ago
Attachment #314032 - Attachment is obsolete: true

Updated

10 years ago
Attachment #314034 - Attachment is obsolete: true

Updated

10 years ago
Attachment #314036 - Attachment is obsolete: true

Comment 37

10 years ago
Created attachment 314535 [details] [diff] [review]
new patch

1. add include new files
2. change "Advance" to "Advanced"
3. change the access key from "a" to "A"
4. clean up codes in the previous patch
Attachment #314535 - Flags: review?(neil)

Comment 38

10 years ago
Created attachment 314536 [details]
new screenshot

Comment 39

10 years ago
Comment on attachment 314535 [details] [diff] [review]
new patch

I've discovered that there's a plan for this; I'll post the URL in a sec. It's based on your patch for bug 426497 but to reduce clutter the global inbox checkbox is moved to the last page and menulists are used instead of radiogroups.
Attachment #314535 - Flags: review?(neil) → review-

Comment 40

10 years ago
Bug 326076 is another place that switched from a radio group to a menulist.

Updated

10 years ago
Attachment #154248 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154249 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154250 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154251 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154252 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154564 - Attachment is obsolete: true

Updated

10 years ago
Attachment #154565 - Attachment is obsolete: true

Updated

10 years ago
Attachment #185891 - Attachment is obsolete: true

Comment 41

10 years ago
SSL is getting very common, really think we need to sort this out for tb3.
Flags: blocking-thunderbird3? → blocking-thunderbird3+
There are some designs in progres sketched out at:
http://wiki.mozilla.org/MailNews:Account_Wizard
and specifically for email:
http://wiki.mozilla.org/MailNews:Account_Wizard:Email

Comment 43

10 years ago
> (comment #42) http://wiki.mozilla.org/MailNews:Account_Wizard:Email#Page_3

I like that the menu lists use less space and would be extendable for further encryption protocols (if any new ones come up). The authentication on Page 4 is good too and separates connection and authentication better than having both on the same page. However, I still think that the *port* numbers should be offered somewhere, which initially can be set to the respective defaults as done now. Keep in mind that the port may not be uniquely derivable from the encryption protocol used, especially for SMTP (e.g., port 25 vs. 587).

Comment 44

10 years ago
This is Page 3 extended by port fields next to the server name, corresponding to the current Server Settings tab. While comment #34 introduced a separate page with "Advanced" button, this may be a little more "cluttering" but avoids a separate page for the port:

   /Choose:/
   [*] POP [ ] IMAP

   /explanatory text/

   Incoming Server: [ mail.doe.mail     ] Port: [110]
   [ ] Use Secure Connection [  TLS, if available \/]

   ----

   /explanatory text/

   Outgoing Server: [ smtp.doe.mail     ] Port: [ 25]
   [ ] Use Secure Connection [  TLS, if available \/]

   [[ < Back ]] [[ Next > ]] [[ Cancel ]]
That looks good to me.  I don't think it adds too much clutter considering it's necessity.

Can you update the wiki page to reflect this change?

Comment 46

10 years ago
> (comment #45) Can you update the wiki page to reflect this change?

Done. I've also updated Page 6 (summary page) to reflect the additional options, please modify any of those as you see fit.

Comment 47

10 years ago
These proposed revisions will enhance User configuration for the U.S. Dept. of Defense which uses SSL for IMAP and SMTP connections. I suspect that the other governmental Depts are similar.
- some updates, already put into bug 326076 -

The Account Wizard wiki has been updated to reflect some discussion coming out
of the wiki talk page.  This includes a better menu list item.

Also bug 422814 has some work on auto-probe for connection type and port config

Updated

9 years ago
Depends on: 422814

Updated

9 years ago
Priority: -- → P1
Target Milestone: --- → Thunderbird 3.0b2

Comment 49

9 years ago
I'm not certain of the privacy implications, but perhaps following Outlook 2007's lead and guess the proper ports/security settings, working from more secure to less secure?
(Assignee)

Comment 50

9 years ago
moving to b2 - this is completely dependent on the new account config stuff landing, which may or may not happen for b1, but it's not useful to track this separately.
Target Milestone: Thunderbird 3.0b1 → Thunderbird 3.0b2
(Assignee)

Updated

9 years ago
Assignee: nobody → bienvenu
(Assignee)

Comment 51

9 years ago
still trying to get this for b2, but not blocking b2
Target Milestone: Thunderbird 3.0b2 → Thunderbird 3.0b3

Updated

9 years ago
Version: unspecified → Trunk
(Assignee)

Comment 52

9 years ago
the new mail acount setup wizerd in bug 422814 fixes this.
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED

Updated

8 years ago
You need to log in before you can comment on or make changes to this bug.