E-mail provider dropping TLS1.0 and 1.1 Support
I received the following from my e-mail provider, and as a total dumbo about this, want to ask if I need to do anything about this in Thunderbird (Linux). As far as I can see, my e-mail account in Thunderbird is set to POP3, encrypted using SSL/TLs, normal password - can anyone tell me if this is OK - Thanks.
Quote: "We are contacting you because one or more of your devices or programs uses the TLS 1.0 and/or TLS 1.1 encryption protocols to connect to our mail.com email servers, or is using an unencrypted connection. This involves either access via SMTP (sending emails) or retrieval via POP3/IMAP (receiving emails).
Unfortunately, the TLS 1.0 and TLS 1.1 encryption protocols are outdated and no longer meet current security standards. To protect your email communications, soon we will no longer allow access to our mail.com servers with these outdated protocols. Unencrypted access will also no longer be possible.
After the protocols have been deactivated, the transfer of emails between your affected device or program and our mail.com servers will no longer work; i.e. no emails will be transmitted to or from your mail.com email account using TLS 1.0 and TLS 1.1. Furthermore, unencrypted SMTP/IMAP/POP3 connections will no longer function. In other words, as of Oct. 5, 2022, it will only be possible to connect if TLS 1.2 or TLS 1.3 encryption is in place." Unquote
Asịsa ahọpụtara
from https://www.thunderbird.net/thunderbird/78.0/releasenotes/ (released back on July 17, 2020)
TLS 1.0 and 1.1 disabled
Which means Thunderbird (since Tb 78.0) supports TLS 1.2 at minimum, including TLS 1.3
https://support.mozilla.org/en-US/kb/thunderbird-78-faq
Gụọ azịza a na nghọta 👍 0All Replies (5)
Thunderbird does support TLS 1.2, so you should be ok.
Asịsa Ahọpụtara
from https://www.thunderbird.net/thunderbird/78.0/releasenotes/ (released back on July 17, 2020)
TLS 1.0 and 1.1 disabled
Which means Thunderbird (since Tb 78.0) supports TLS 1.2 at minimum, including TLS 1.3
Edeziri
Thanks, Guys, Sorry - I didn't think to check as far back as Tb78. I was worried because the rest of the email from the provider seemed to suggest that something (?) was connecting to their server using TLS1.0 or 1.1, and therefore when they withdraw support, I would not be able to send or receive emails via their server. When I checked my settings,tit does show support "SSL/TLS", but is not specific about which version of TLS - I assume it will automatically use tls1.2 when the older versions are discontinued? Thanks Again
I asked mail.com to explain this as I received the same email. This was the reply from customer services:-
Dear mail.com Member,
Thank you for contacting us.
The email you received regarding TLS 1.0 and TLS 1.1 deactivation originates from us, and thus is legitimate.
Please note that use of POP, IMAP and SMTP are Premium features only. There are many advantages of Premium membership in addition to accessing mail via POP3 or IMAP and sending via SMTP, such as automatically forwarding incoming mail to any email address, next business-day support, telephone support, an additional 10 GB of cloud storage, and an ad-free login screen and inbox.
If you wish to upgrade your account to a Premium account, please select “Premium” from the upper navigation bar of your mail.com account. You should then see a screen that lets you choose a payment plan (US$ 29.99 / year). Please follow the instructions on your screen.
If you are not interested in our Premium features, we recommend that you use our free mail.com mobile apps to access your email on your mobile device. For more information please visit https://www.mail.com/mail/app/
Kind regards, Your mail.com Support Team
My Question:- If I upgrade to premium, will I be able view my mail.com emails through Thunderbird?
Mail.com reply:- Yes, you will be able to use Thunderbird, just be sure the email program it is updated to the newest version, which have TLS 1.2 or 1.3.
Thank you!
Best regards, mail.com Support Team
So to summarize this has nothing to do at all with Thunderbird account settings. mail.com are basically going to start charging everyone US $29.99 / year if you want to link to Thunderbird. If you don't go along with it they will cut your link to Thunderbird so the only way to use mail.com is through logging into the mail.com website, which is a drawn process and full of adverts. I not impressed by the tactics they have used on this. mail.com have already stopped me sending emails through Thunderbird. I don't like the way they passed the blame to Thunderbird in their original email. More like " blackmail.com "
I'm surprised you were allowed to continue using Thunderbird so long, since they have been marketing premium service for over a year. Their charging a fee is not a surprise, as full email service has a cost.