Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

POP3 accounts can no more connect to related server after each Thunderbird software update

  • 16 replies
  • 1 has this problem
  • 3 views
  • Last reply by c.capel

more options

Hello, Each time a new release comes (102.4.2 actually) and I accept the upgrade, the problem reappears : it is impossible to load any mail from previously configured POP3 server (gmail or others). It is also impossible to send emails with previously configured SMTP server. In this case, the only solution I've found consists of:

 - creating a new profile.
 - configure POP3 and SMTP accounts, which now works (!).
 - transfer emails and abooks from old profile to the new one.

The profile corruption occurs during upgrade process and I think that the bug is located in this upgrade process. This is not related to a wrong security configuration or wrong password. Notice that the problem occurs on two PCs on two different locations. The common point to both these installations is that the profile is located on a NAS rather than on the default directory... I've not tried to perform a software update with the default directory. Thank you for your help. C. Capel

Hello, Each time a new release comes (102.4.2 actually) and I accept the upgrade, the problem reappears : it is impossible to load any mail from previously configured POP3 server (gmail or others). It is also impossible to send emails with previously configured SMTP server. In this case, the only solution I've found consists of: - creating a new profile. - configure POP3 and SMTP accounts, which now works (!). - transfer emails and abooks from old profile to the new one. The profile corruption occurs during upgrade process and I think that the bug is located in this upgrade process. This is not related to a wrong security configuration or wrong password. Notice that the problem occurs on two PCs on two different locations. The common point to both these installations is that the profile is located on a NAS rather than on the default directory... I've not tried to perform a software update with the default directory. Thank you for your help. C. Capel

All Replies (16)

more options

Hello

do you have set the profile with an UNC ? it may be that the upgrade is not supporting this (it would be a software limitation of course). If yes, try to connect permanently a network drive instead.

Unrelated: if you are doing this kind of configuration to be able to launch Thunderbird with the same profile on 2 different computers, in my opinion, this kind of setup is dangerous because you may launch Thunderbird on 2 computers at the same time and it would corrupt lot of things.

more options

Hello, Thank you for your answer. I use drive mapping of the NAS partition. So it appears to Thunderbird as a drive letter followed by a path (UNC). I'm not using this to access it from 2 computers. It is just a way to free the local drive space and to protect email database with RAID6 scheme. Each PC has its specific area on the NAS. Best regards

more options

It may be a problem with file locking on the NAS. Usually Windows type access on NAS is done with Samba, that is very tricky to configure. I have seen 'marginal' function like Windows backup failing with a NAS type and working fine with another (more ancient !), later fixed by an upgrade to the recent NAS. So, maybe try to refuse upgrade when from inside Thunderbird, exit Thunderbird and upgrade with a standard package downloaded directly.

Another possibility could be that really the profile is in use by another computer while upgrading. In this case it would not be a problem with the NAS...

more options

Hello gp, I'll try your suggestion on the next update (using standard package). For the last remark, I'm sure there is no other computer accessing this profile. Thank you for your help

more options

Hello gp, I've used a standard package for a new test... Problem still occurs.

more options

There is always the possibility to debug the problem with the error console.

Enable for example mailnews.smtp.loglevel to 'All' (validate with the checkmark), then try to send a mail, and look at the error console (Tools / Developer tools). If what happens is not clear, post the result here.

more options

Here is the console exportation for a faulty mail loading transaction with a gmail account (the problem is the same with other accounts) :

NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200

   decrypt resource://gre/modules/crypto-SDR.js:200
   _decryptLogins resource://gre/modules/storage-json.js:846
   findLogins resource://gre/modules/storage-json.js:705
   findLogins resource://gre/modules/LoginManager.jsm:513
   get refreshToken resource:///modules/OAuth2Module.jsm:122
   get resource:///modules/OAuth2Module.jsm:112
   connect resource:///modules/OAuth2.jsm:74
   onPromptAuthAvailable resource:///modules/OAuth2Module.jsm:182
   onPromptStartAsync resource:///modules/OAuth2Module.jsm:178
   _promiseAuthPrompt resource:///modules/MsgAsyncPrompter.jsm:54
   _promiseAuthPrompt resource:///modules/MsgAsyncPrompter.jsm:52
   run resource:///modules/MsgAsyncPrompter.jsm:77
   AsyncFunctionNext self-hosted:632

NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 2 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 Not showing popup notification password with the message Enregistrer l’identifiant pour google.com ? browserRequest.js:12:13 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 2 OAuth2.jsm:171 Certains cookies utilisent incorrectement l’attribut recommandé « SameSite » 10 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 GEThttp://localhost/?code=4/0ARtbsJoz6MNLpUy9I_56nBCJHTbRESOt_B4D1lbAsQICXS320jHqlgF3GAqT-uecAJjiUA&scope=https://mail.google.com/+https://www.googleapis.com/auth/carddav+https://www.googleapis.com/auth/calendar NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 XHRPOSThttps://www.googleapis.com/oauth2/v3/token [HTTP/2 200 OK 244ms]

Échec du chargement pour l’élément <script> dont la source est « chrome://global/content/netError.js ». neterror:128:4 POSThttp://ocsp.pki.goog/gts1c3 [HTTP/1.1 200 OK 43ms]

NS_ERROR_FAILURE: Couldn't decrypt string 4 crypto-SDR.js:200 NS_ERROR_FAILURE: Couldn't decrypt string 4 crypto-SDR.js:200 NS_ERROR_ABORT: User canceled primary password entry 3 crypto-SDR.js:90 uncaught exception: 2147500036 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200 REPORThttps://apidata.googleusercontent.com/caldav/v2/[email protected]/events/ [HTTP/2 207 Multi-Status 312ms]

REPORThttps://apidata.googleusercontent.com/caldav/v2/c5i68sj5edpm4rrfdchm6rreehgm6t3j81jn4rrle0n7cbj3c5m6arj4c5p2sprfdtjmop9ecdnmq@virtual/events/ [HTTP/2 207 Multi-Status 303ms]

POSThttp://ocsp.pki.goog/gts1c3 [HTTP/1.1 200 OK 14ms]

GEThttps://accounts.google.com/o/oauth2/auth?response_type=code&client_id=406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com&redirect_uri=http://localhost&scope=https://www.googleapis.com/auth/calendar&login_hint=Jours+fériés+en+Belgique [HTTP/3 302 Found 74ms]

GEThttps://accounts.google.com/AccountChooser?oauth=1&continue=https://accounts.google.com/signin/oauth/legacy/consent?authuser=unknown&part=AJi8hANDJPPgUbPkE2v_F2AcxUsnSL8miDAuu7rZQoK11MM_Lf710qfnCwRsQbaN2h76fAZjnJtpzGaOJve9uIfMT-HUHoYXGnf3Iee03PNYfofy9cGQX0eyOfkACWKhENlUCeL-nau4xjzvWupMGI4_GGRsiBKIfVwXO6JsIve3871QKYZfqPfV0u8nYxP8yqZVKul_KD4crIc1EPFuPyeHzH6UUdz4rl53PKxzxOwJdQ-j6qWlzDIzvIBvhVUzjjO7hLwpkwhh_g2puZgh9Mu6VEGFL87-ydiGB1diEuZR7FtLntZuzwR3dKMReHNXIMJhj-gxnAKtFRSr4t4-LKuGqtATPqGPsC1xs8GhW4WIAUhEx_Py14soJ6aQQNhyiVzQaWNvlO6lF8OFFdX5WSzCIsSUctVP0I_m7b70IuwXp8qfmOx4OXOm7U4zCm3OetpY7zFmX5Ho&as=S504009559%3A1667377520659956&client_id=406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com# [HTTP/3 302 Found 48ms]

GEThttps://accounts.google.com/ServiceLogin?continue=https://accounts.google.com/signin/oauth/legacy/consent?authuser=unknown&part=AJi8hANDJPPgUbPkE2v_F2AcxUsnSL8miDAuu7rZQoK11MM_Lf710qfnCwRsQbaN2h76fAZjnJtpzGaOJve9uIfMT-HUHoYXGnf3Iee03PNYfofy9cGQX0eyOfkACWKhENlUCeL-nau4xjzvWupMGI4_GGRsiBKIfVwXO6JsIve3871QKYZfqPfV0u8nYxP8yqZVKul_KD4crIc1EPFuPyeHzH6UUdz4rl53PKxzxOwJdQ-j6qWlzDIzvIBvhVUzjjO7hLwpkwhh_g2puZgh9Mu6VEGFL87-ydiGB1diEuZR7FtLntZuzwR3dKMReHNXIMJhj-gxnAKtFRSr4t4-LKuGqtATPqGPsC1xs8GhW4WIAUhEx_Py14soJ6aQQNhyiVzQaWNvlO6lF8OFFdX5WSzCIsSUctVP0I_m7b70IuwXp8qfmOx4OXOm7U4zCm3OetpY7zFmX5Ho&as=S504009559%3A1667377520659956&client_id=406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com#&sacu=1&oauth=1&rip=1 [HTTP/3 200 OK 86ms]

NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] 3 OAuth2.jsm:171 Content Security Policy: L’analyse de « require-trusted-types-for » a échoué, car la directive est inconnue. Content Security Policy: La source « 'unsafe-inline' » présente dans « script-src » ou « style-src » a été ignorée : « nonce-source » ou « hash-source » spécifié. GEThttps://ssl.gstatic.com/accounts/ui/avatar_2x.png [HTTP/3 200 OK 10ms]

GEThttps://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png [HTTP/3 200 OK 12ms]

GEThttps://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png [HTTP/3 200 OK 12ms]

GEThttps://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png [HTTP/3 200 OK 10ms]

GEThttps://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 [HTTP/2 200 OK 109ms]

GEThttps://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2 [HTTP/2 200 OK 98ms]

GEThttps://accounts.google.com/generate_204?Pe6FSg [HTTP/3 204 No Content 20ms]

Content Security Policy: La source « 'unsafe-inline' » présente dans « script-src » ou « style-src » a été ignorée : « nonce-source » ou « hash-source » spécifié. 2 NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIRequest.name] OAuth2.jsm:171 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 Propriété « -moz-border-radius » inconnue. Déclaration abandonnée. codemirror.css:244:22 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:341:18 NS_ERROR_FAILURE: Couldn't decrypt string 6 crypto-SDR.js:200

more options

c.capel said

Here is the console exportation for a faulty mail loading transaction with a gmail account (the problem is the same with other accounts) : (...) NS_ERROR_ABORT: User canceled primary password entry 3 crypto-SDR.js:90

Do your other accounts (non-gmail) use OAuth2 too ? Do you in fact use a primary password for your password manager ?

more options

Hello gp,

 "Do your other accounts (non-gmail) use OAuth2 too ?" ===> No they use SSL/TLS with "Cyphered password"
 "Do you in fact use a primary password for your password manager ?" ===> No
more options

Baffling that you have a message about primary password in your trace. However looking at the code, it seems that the Firefox coder has taken the assumption that when from experience some problem produces a given error code, when getting this same (very generic) error code, it's sane to display to the end user that the very same problem has happened. Terrible error reporting, but it's more or less the norm in the software industry, like when every unknown Windows problem was displayed as 'not enough disk space'.

Anyway, I wondered why there were only messages about OAuth2, nothing about an interaction with an actual mail server, but it seems you posted a trace about *getting* mail, while I had advised you to *send* a mail, the mailnews.smtp.loglevel=All concerns smtp, that is, sending mail, while to get a trace for getting a mail, it will be mailnews.pop3.loglevel=All. So. Please do the trace thing while trying to *send* a mail with a non gmail smtp server, it should make things simpler to understand, assuming that the root cause of the problem is the same in all cases. Also click the trash button in the error console just before trying to send the mail, it will clear the console and isolate just what happens next.

more options

Hello gp, Thank you for your time. In fact, the sent trace has been made one week ago before your request. In the meantime, I have transferred the thunderbird profile on a local drive and the problem disapeared. I'll make a new try tomorrow : transfer profile on NAS, downgrade Thunderbird and trace an email sending on a non gmail account. Best regards

more options

For the record, what is the NAS model you use ? Did you ever try this trick with another NAS, or with a Windows server ?

Modified by gp

more options

Hello gp, I've made new tries :

 - Make new working profile on NAS
 - Make new working profile on Windows disk share on a separate PC
 - Update Thunderbird to the brand new 102.5.1 version
 - Observations : Local and Windows disk share profiles are working Ok. NAS is not working "as usual". This is thus related to the NAS.
 - The NAS model is Synology RS2418+ with firmware version V6.2.4-25556 update 6.
 - On two other locations, the same problem occurs with Synology DS1517 (same firmware) and DS1515 (unknown firmware).
 - I've made a trace for a sending on NAS profile with "mailnews.smtp.loglevel=All" (See below)
 - Up to 9:58:34, Thunderbird tries to send the email but for an unknown reason, the stored credentials don't work and Thunderbird ask me for the SMTP server password.
 - I then (09:58:46) enter the password but it does noty work either.


09:58:33,969 mailnews.smtp: Sending message <d249b3a8-c56e-1808-f234-9f42eb804a29@c-logique.be> SmtpService.jsm:85:18 09:58:33,970 mailnews.smtp: Connecting to smtp://relay.proximus.be:587 SmtpClient.jsm:118:17 09:58:34,040 mailnews.smtp: Connected SmtpClient.jsm:386:17 09:58:34,078 mailnews.smtp: S: 220-smtp.skynet.be ESMTP

220 Belgacom relay service - authentication required!

SmtpClient.jsm:412:17 09:58:34,079 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,090 mailnews.smtp: S: 250-smtp.skynet.be

250-8BITMIME

250-SIZE 26214400

250 STARTTLS

SmtpClient.jsm:412:17 09:58:34,091 mailnews.smtp: C: STARTTLS SmtpClient.jsm:589:19 09:58:34,100 mailnews.smtp: S: 220 Go ahead with TLS

SmtpClient.jsm:412:17 09:58:34,105 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,268 mailnews.smtp: S: 250-smtp.skynet.be

250-8BITMIME

250-SIZE 26214400

250-AUTH PLAIN LOGIN

250 AUTH=PLAIN LOGIN

SmtpClient.jsm:412:17 09:58:34,269 mailnews.smtp: Possible auth methods: PLAIN,LOGIN SmtpClient.jsm:875:17 09:58:34,269 mailnews.smtp: Current auth method: PLAIN SmtpClient.jsm:627:17 09:58:34,269 mailnews.smtp: Authentication via AUTH PLAIN SmtpClient.jsm:642:21 09:58:34,278 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:34,288 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,037 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,203 NS_ERROR_ABORT: User canceled primary password entry 5 crypto-SDR.js:90 09:58:46,220 NS_ERROR_ABORT: User canceled primary password entry crypto-SDR.js:90 09:58:47,640 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:350:18 09:58:47,819 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 09:58:47,875 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200

Modified by c.capel

more options

Hello gp, I've made new tries :

- Make new working profile on NAS
- Make new working profile on Windows disk share on a separate PC
- Update Thunderbird to the brand new 102.5.1 version
- Observations : Local and Windows disk share profiles are working Ok. NAS is not working "as usual"
- I've made a trace for a sending on NAS profile with "mailnews.smtp.loglevel=All" (See below)
- Up to 9:58:34, Thunderbird tries to send the email but for an unknown reason, the stored credentials don't work and Thunderbird ask me for the SMTP server password.
- I then (09:58:46) enter the password but it does noty work either.
- The NAS model is Synology RS2418+ with firmware version V6.2.4-25556 update 6.
- On two other locations, the same problem occurs with Synology DS1517 (same firmware) and DS1515 (unknown firmware).

09:58:33,969 mailnews.smtp: Sending message <d249b3a8-c56e-1808-f234-9f42eb804a29@c-logique.be> SmtpService.jsm:85:18 09:58:33,970 mailnews.smtp: Connecting to smtp://relay.proximus.be:587 SmtpClient.jsm:118:17 09:58:34,040 mailnews.smtp: Connected SmtpClient.jsm:386:17 09:58:34,078 mailnews.smtp: S: 220-smtp.skynet.be ESMTP

220 Belgacom relay service - authentication required!

SmtpClient.jsm:412:17 09:58:34,079 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,090 mailnews.smtp: S: 250-smtp.skynet.be

250-8BITMIME

250-SIZE 26214400

250 STARTTLS

SmtpClient.jsm:412:17 09:58:34,091 mailnews.smtp: C: STARTTLS SmtpClient.jsm:589:19 09:58:34,100 mailnews.smtp: S: 220 Go ahead with TLS

SmtpClient.jsm:412:17 09:58:34,105 mailnews.smtp: C: EHLO [192.168.105.200] SmtpClient.jsm:589:19 09:58:34,268 mailnews.smtp: S: 250-smtp.skynet.be

250-8BITMIME

250-SIZE 26214400

250-AUTH PLAIN LOGIN

250 AUTH=PLAIN LOGIN

SmtpClient.jsm:412:17 09:58:34,269 mailnews.smtp: Possible auth methods: PLAIN,LOGIN SmtpClient.jsm:875:17 09:58:34,269 mailnews.smtp: Current auth method: PLAIN SmtpClient.jsm:627:17 09:58:34,269 mailnews.smtp: Authentication via AUTH PLAIN SmtpClient.jsm:642:21 09:58:34,278 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:34,288 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,037 NS_ERROR_FAILURE: Couldn't decrypt string 2 crypto-SDR.js:200 09:58:46,203 NS_ERROR_ABORT: User canceled primary password entry 5 crypto-SDR.js:90 09:58:46,220 NS_ERROR_ABORT: User canceled primary password entry crypto-SDR.js:90 09:58:47,640 mailnews.pop3.4: NetworkTimeoutError: a Network error occurred Pop3Client.jsm:350:18 09:58:47,819 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200 09:58:47,875 NS_ERROR_FAILURE: Couldn't decrypt string 12 crypto-SDR.js:200

more options

How interesting ! thanks for doing all that.

My gut feeling is that the security database is corrupted. AFAIK it's in the key4.db file. Now I don't know if it's supposed to be upgraded with each new install, or if it's possible to save it first and restore it manually after the upgrade. The only thing I know because I tried it, is that copying a profile configuration works by copying the prefs.js (for the accounts), the logins.json (the user passwords, encrypted), and the key4.db (the master security database). Could you give a try to copying the key4.db file from the backup before upgrading ?

About your NAS: it would be interesting to know if it has been upgraded to latest firmware. I am not dealing with them so I can't find easily if V6.2.4-25556 update 6 is the last. It can really matter, I had one time blocking problems with a QNAP Nas with some rarely used Windows function, had to use another device instead, and found recently that the same NAS is now working fine, but I have the policy of upgrading always the firmware, don't know if it's the case for your NAS. CIFS is really tricky and Samba implementations don't always succeed in all cases, they 'mostly work'... until they don't.

more options

Hello gp, I've tried :

 - saving key4.db file before and restoring it after upgrade => No change
 - saving prefs.js, logins.json and key4.db files and restoring them after upgrade => No change

I know that, at Synology, there is a version 7.xxx which is updated in parallel with 6.xxx. The NAS are up to date with 6.xxx scheme. I could upgrade to 7.xx but this implies some packages to become obsolete. So I'd have to change some infrastructure dependances. I'll perform this on one NAS, I hope tomorrow... Best regards