Closed Bug 306819 Opened 19 years ago Closed 17 years ago

Thunderbird leaks DNS requests when used with TOR and Privoxy

Categories

(Thunderbird :: Preferences, defect)

Product:
Thunderbird
Component:
Preferences
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: frank.helk, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 Build Identifier: 1.0.6 (20050716) Tried to use Thunderbird to access a NNTP server via TOR / Privoxy. Installed both (they work flawless with Firebird 1.06), and set up Thunderbird to use it as proxy. Fetched some news from news.mozilla.org and inspected the network traffic with Ethereal. Tried that with Thunderbird set to SOCKS4 and SOCKS5 in the proxy settings. Symptoms: 1. Traffic contained some DNS request packets where news.mozilla.org was found as readable text. This is not the case with firefox when used with TOR/Privoxy. 2. TOR complains about that: --------8<------------ [warn] fetch_from_buf_socks(): Your application (using socks4 on port 119) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. --------8<------------ -FH Reproducible: Always Steps to Reproduce: 1. Install Thunderbird 2. Install TOR 3. Install Privoxy 4. Set up proxy section of Thunderbird as described in the TOR docs 5. Set up privoxy as described in the TOR docs 6. Try to fetch from any NNTP server while capturing traffic with Ethereal 7. Inspect traffic for leaked DNS requests Actual Results: Found clear DNS request where encrypted traffic was expected Expected Results: Tunnel DNS requests thru the proxy, too.
Related to Core bug 134105?
Frank (or someone else): Does this bug still exist on TB 2.0.0.*, trunk TB, or related versions of Seamonkey? If not, I will resolve INCO in 3 weeks... Since bug 134105 claims that the backend landed back in 2004, if this is indeed a byproduct of bug 134105, then setting the pref network.proxy.socks_remote_dns to true should fix this. This is also not a security problem but a generic networking problem, it appears.
Assignee: dveditz → nobody
Component: Security → MailNews: Networking
Product: Thunderbird → Core
QA Contact: thunderbird → mailnews.networking
Whiteboard: CLOSEME 2008-05-22
RESO INCO per previous comment.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → INCOMPLETE
Whiteboard: CLOSEME 2008-05-22
I'll be doing some testing soon, I'll look at this as well. -> Thunderbird, not mailnews (core)
Component: MailNews: Networking → Preferences
Product: Core → Thunderbird
You need to log in before you can comment on or make changes to this bug.