Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

Thunderbird has a potential Safty Risk with login.live.com and refuse to load it

  • 1 отговор
  • 0 имат този проблем
  • Последен отговор от Matt

Hubert Lehnigk
Hubert Lehnigk
more options

Hello Community,

I try to add a live.de mail account to Thunderbird 115.12.2.

I used these setting: IMAP Server outlook.office365.com with SSL on Port 993 and OAuth2 SMTP Server smtp.office365.com with STARTTLC on Port 587 and OAuth2

The TEST button is successfull and if I proceed it fail with the authen login page login.live.com because of security concern.

When I copy the link to the Edge Browser it works but the Thunderbird does not know about this. I can even find on the Microsoft Account that the Thunderbird is authorized to have access but mail account in TB is not created.

How can overcome this security issue? Maybe I can add a trustworth page in the Settings?

Regards Hubert

Hello Community, I try to add a live.de mail account to Thunderbird 115.12.2. I used these setting: IMAP Server outlook.office365.com with SSL on Port 993 and OAuth2 SMTP Server smtp.office365.com with STARTTLC on Port 587 and OAuth2 The TEST button is successfull and if I proceed it fail with the authen login page login.live.com because of security concern. When I copy the link to the Edge Browser it works but the Thunderbird does not know about this. I can even find on the Microsoft Account that the Thunderbird is authorized to have access but mail account in TB is not created. How can overcome this security issue? Maybe I can add a trustworth page in the Settings? Regards Hubert
Прикачени екранни снимки

Всички отговори (1)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

Stop your antivirus product from intercepting Thunderbird's attempt to connect to the internet and replacing the valid encryption certificate used by Microsoft with their self signed one that they use to undertake their man-in-the-middle hack of your encrypted communications they call scanning. Thunderbird does not automatically trust certificates that are not issued from the chain of trust that backs the Internet's encrypted communications. It is up to the user to make their own informed decision if they trust the company. Given how many of them are based in Eastern Europe, the US and some other governments are suggesting a number of the companies can not really be trusted.

Edge does not have an isolated certificate store that can not be easily manipulated from another program, so it trusts the self signed certificate in the Microsoft store inserted by the antivirus product.

Thunderbird maintains it's own non programmable store. So you must manually choose to reduce your security if you wish to have this scanning active by adding the self signed certificate to the store. Most antivirus vendors using self signed certificates have instructions on their web site. Personally I use defender and have no such issues.

Полезно?

Задаване на въпрос

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.