Closed Bug 537649 Opened 15 years ago Closed 13 years ago

internode.on.net - Thunderbird 3 autodetects wrong server information for Australian ISP Internode.

Categories

(Webtools :: ISPDB Database Entries, defect)

Product:
Webtools
Component:
ISPDB Database Entries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: lyntonius, Assigned: BenB)

Details

(Whiteboard: [config])

Attachments

(1 file, 4 obsolete files)

Config with SSL, mail.internode.on.net
1.20 KB, patch
bwinton
: review+
gozer
: review+
Details | Diff | Splinter Review
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729) Build Identifier: 3.0+ When running Thunderbird 3's autoconfig/account set up, it cannot detect Internode's mail servers and so it makes up erroneous entries for server information. I have created a new XML file which should rectify the issue: <clientConfig> − <emailProvider id="internode"> <domain>internode.on.net</domain> <displayName>Internode</displayName> <displayShortName>Internode</displayShortName> − <incomingServer type="pop3"> <hostname>mail.internode.on.net</hostname> <port>110</port> <socketType>plain</socketType> <username>%EMAILLOCALPART%</username> <authentication>plain</authentication> </incomingServer> − <outgoingServer type="smtp"> <hostname>mail.internode.on.net</hostname> <port>25</port> <socketType>plain</socketType> <username>%EMAILLOCALPART%</username> <authentication>plain</authentication> <addThisServer>true</addThisServer> <useGlobalPreferredServer>false</useGlobalPreferredServer> </outgoingServer> </emailProvider> </clientConfig> *I wasn't sure what "displayShortName" should be - if anything either "Node" or "on.net" if applicable. If not needed then ignore. Also, I wasn't sure how to fill in "username", as the customer would need to input this data. Reproducible: Always Steps to Reproduce: 1.Open Thunderbird 3. 2.Go to File > New Account 3.Enter details for an Internode customer, ie. username@internode.on.net 4.Thunderbird finds incorrect settings, ie. pop.internode.on.net. Actual Results: Thunderbird selects the wrong settings. Expected Results: Thunderbird needs to select "mail.internode.on.net" for both incoming and outgoing email. <clientConfig> − <emailProvider id="internode"> <domain>internode.on.net</domain> <displayName>Internode</displayName> <displayShortName>Internode</displayShortName> − <incomingServer type="pop3"> <hostname>mail.internode.on.net</hostname> <port>110</port> <socketType>plain</socketType> <username>%EMAILLOCALPART%</username> <authentication>plain</authentication> </incomingServer> − <outgoingServer type="smtp"> <hostname>mail.internode.on.net</hostname> <port>25</port> <socketType>plain</socketType> <username>%EMAILLOCALPART%</username> <authentication>plain</authentication> <addThisServer>true</addThisServer> <useGlobalPreferredServer>false</useGlobalPreferredServer> </outgoingServer> </emailProvider> </clientConfig>
(In reply to comment #0) > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.6) > Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729) > Build Identifier: 3.0+ > Can you go to http://ispdb.mozillamessaging.com/ and add the data there please ?
Have done so. Thanks.
Using the username formula of %LOCALPART% will ensure it uses only the customer's username not including domain, correct? So if full email address is user@internode.on.net, it will use the username of "user"?
Assignee: nobody → lyntonius
Attached patch A patch to add the config file. (obsolete) — Splinter Review
I ran this config through my sanity checks, and they complained that I couldn’t connect to mail.internode.on.net:25. Do you restrict that port to computers on your network? Other than that, I like this config, so I'll give it an r=me, with that question answered. Thanks, Blake.
Attachment #419977 - Flags: review+
Yes that's correct, only users on an Internode connection can telet our mail servers on port 25. Thanks, Lynton.
Comment on attachment 419977 [details] [diff] [review] A patch to add the config file. Requesting second review on behalf of Lynton, who doesn't have permission. Thanks, Blake.
Attachment #419977 - Flags: review?(ben.bucksch)
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Comment on attachment 419977 [details] [diff] [review] A patch to add the config file. + <emailProvider id="internode"> Should be <emailProvider id="internode.on.net"> The configuration is very insecure. Are you sure that the servers permit neither SSL nor secure passwords? Please a) test whether better mechs are allowed *and* b) cite official instructions.
Attachment #419977 - Flags: review?(ben.bucksch) → review-
Port-testing mail.internode.on.net, it also offers IMAP (which IMHO should be used where possible) and the ports 993, 995 and 465 (POP, IMAP and SMTP via SSL) are all open. Please apply the necessary diligence before submitting configs. r-
Correct, we have IMAP and secure mail setting/configuartions too, but by default new customers are configured with the standard POP configuartion with no security. Advanced email configuration are of course allowed, but I thought with Thunderbird 3 it would be best to select the basic configuration initially, and then our agents can walk customers through changing details if necessary. Basic/new user configuration would be: Incoming mail server (POP3 or IMAP) = mail.internode.on.net POP3 = port 110, IMAP = 143. Outgoing mail server (SMTP) = mail.internode.on.net port 25. Advanced configuration would be: Secure incoming mail server (POP3S or IMAPS) = securemail.internode.on.net POP3S = port 995, IMAP = 993, SSL enabled. Secure outgoing mail server (SMTPS) = securemail.internode.on.net SMTPS = port 465, SSL enabled, authentication on with "username@internode.on.net". If a new account setup in Thunderbird 3 can detect all of these settings then great, but I would just as soon have the basic settings used (the ones I originally logged the bug for) and have us walk the customer through anything more advanced.
One of the idea behind autoconfiguration is to make it simple to the end users. So they can skip using the agent to configure their email. Yes properly configured Thunderbird should detact all these settings and the user will have a good secure configuration without the configure hassles.
As per notes, have resubmitted config file with correction. Still uses basic unsecured POP3 and SMTP - that is our standard default configuration.
Comment on attachment 424547 [details] [diff] [review] Updated config with correction suggested. Basic unsecured POP/SMTP. As said above, Thunderbird autoconfigures the most secure configuration possible. As discussed above, your ISP may be using unsecured configs by default, because you don't know which mail client your customer uses and whether SSL will work. In case of Thunderbird 3, you know that SSL and TLS work, and you can just confugure that. r- (review denied)
Attachment #424547 - Flags: review-
Attachment #424547 - Attachment is patch: true
Attachment #424547 - Attachment mime type: application/xml → text/plain
This is not the case. We do not want people to be using the secure mail servers by default. I feel that this is a very clear cut thing. We have given you a file with the correct settings that will fix issues that your users and our customers are having. If they want to use secure settings then there is nothing to stop them from doing so but this isn't the default configuration that users should be using. There should be NO reason that you can't use this file. Saying that we should be using secure settings by default doesn't solve the issue.
Well, and our policy is to use secure servers whenever possible, to protect our users. With your configuration, users would even send passwords in the clear (!), and mail contents, too. I also feel that this is a very clear cut thing.
Note: If the official, documented ISP config is not the best config, we explicitly want to give the best, not the official one. But you are documenting the SSL setting yourself: <http://www.internode.on.net/support/guides/email/secure_email/> and Lynton said in comment 9: > If a new account setup in Thunderbird 3 can detect all of these settings > then great We can, that's what autoconfig is for - to give the correct and best possible config to users. I don't understand why you don't want your users to use a secure setting. The default should always be the most secure setting. Apart from that, the document mentiones "global roaming" (the ability to use the config when not connected to the ISP network). We explicitly want that, too, because our users do roam and we want the config to work in all cases. The point is to give a config that "just works", in all cases, and is the best possible one (more secure, most possibilities). What's the username form? The XML you supplied says "username" (%EMAILLOCALPART%), but Lynton above and your document says to use "username@internode.on.net". I guess the XML is wrong.
Attached file Config with SSL, per ISP doc (obsolete) —
This is the config, basically just encoding http://www.internode.on.net/support/guides/email/secure_email/ I couldn't test it up to authentication, because I have no email account, but I checked the connection (with SSL) and I have SMTP and IMAP servers talking with me.
Assignee: lyntonius → ben.bucksch
Attachment #419977 - Attachment is obsolete: true
Attachment #424547 - Attachment is obsolete: true
Attachment #424575 - Flags: review?(gozer)
Please hold off on implementing this until I can confirm with Internode engineers.
I'm talking with Lynton off-bug, again in a friendly way. Lynton, yes, we'll wait. I'll cancel the review request for now.
Summary: Thunderbird 3 autodetects wrong server information for Australian ISP Internode. → internode.on.net - Thunderbird 3 autodetects wrong server information for Australian ISP Internode.
Attachment #424575 - Flags: review?(gozer)
Whiteboard: [config]
Lynton wrote me per mail that internode changed and now is willing to offer secure settings by default. Great! :-)) Here are the settings he told me: username@internode.on.net SMTP - server: mail.internode.on.net, port 465, SSL enabled IMAP - server: mail.internode.on.net, port 993, SSL enabled http://www.internode.on.net/support/guides/email/secure_email/
Attachment #424575 - Attachment is obsolete: true
Attachment #538273 - Flags: review?(bwinton)
Attachment #538273 - Flags: review?(gozer)
FYI, I added the POP3 config to, as option.
Comment on attachment 538273 [details] [diff] [review] Config with SSL, mail.internode.on.net Looks good to me!
Attachment #538273 - Flags: review?(bwinton) → review+
Attachment #538273 - Flags: review?(gozer) → review+
Thanks for the very quick reviews! Commited as SVN Revision 90211 FIXED
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Hi Ben, Apologies! It seems I've misinformed you, and we've had some issues. Can it please be revised so that the username section does not contain the domain, ie. "username", and not "username@internode.on.net". We've performed some testing, and found that the above needs to be rectified. Sorry for the bad info!
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
I believe it should be "<username>%EMAILLOCALPART%</username>", and not <username>%EMAILADDRESS%</username>.
Lynton can you attach a new file ?
Attached patch Fix username (obsolete) — Splinter Review
SIGH! Fix attached. Lynton, please test it! (All servers, IMAP, POP3 and SMTP)
Attachment #538457 - Flags: review?(bwinton)
Attachment #538457 - Flags: review?(gozer)
Lynton, are you sure-sure-sure that username = emailaddress is wrong? This is the config that you have published for a long time on <http://www.internode.on.net/support/guides/email/secure_email/>, meaning any user who followed your public instructions would get a "password wrong" message and be really confused. You would have seen that by many support calls.
In fact, I am starting to get doubts whether we're being trolled here. We will only change the config once the above page has been revised.
Also, please give us a test account. You can send the password to my email address.
Test account sent. No trolls here :( I'll have this page revised and comment back.
> Test account sent. Credentials received. > I'll have this page revised and comment back. Thank you.
Attachment #538457 - Flags: review?(gozer) → review+
Hi Ben and co, As per my email Ben, all email protocols function with both "user@internode.on.net" like our online guides show, but they also function with simply "user", hence the confusion. Please update as per the guide listed on our website, so that you have that for verification.
Comment on attachment 538457 [details] [diff] [review] Fix username OK, so we don't need this patch
Attachment #538457 - Attachment is obsolete: true
Attachment #538457 - Flags: review?(bwinton)
Lynton, that's good. We already publish the config with username=emailaddress, and that's recommended in general, so we're good. Marking FIXED again.
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Attachment #538457 - Flags: review-
Thanks Ben!
Component: ispdb → ISPDB Database Entries
Product: Mozilla Messaging → Webtools
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: