Version 19.1.2360 mail shield cause problems with Thunderbird

Hello.

After update to 19.1.2360 (build 19.1.4142.0) Thunderbird (65) stopped to connect to some IMAP servers (dovecot).
Connection to IMAP server is set as STARTTLS and password (secured transfer) on the port 143. Connection to port 993 with SSL/TLS works.
I got the following error message from Thunderbird after connection timeout:
“IMAP server xxx doesn’t support selected authentication method.”

The capabilities of the dovecot server are:

  • OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot ready.

The previous version of Avast worked without any problem, I had to install only the certificate to Thunderbird.
I don’t know the background of TLS connection takeover, but there is something wrong.

The service package ID is: T661M

Thanks in advance for the help.

Regards
Vaclav

No dev cares about that?
I have experienced the same issue also with SMTP server, SSL/TLS works, STARTTLS not.
Sometimes there is also problem with Firefox, that SSL certificate cannot be verified. I suspect the same bug within Avast.

Hello, I also have a problem with thunderbird and imap server, but with the new version it seems that it is no more possible to export certificate as shown in the official documentation !
So I have to shutoff Avast to be able to read my mail : very efficient anti virus suite…

It is still possible to export SSL certificate, but it doesn’t help.
You can try it… Settings / General / Solving problems / Open old settings

You could try the latest beta: https://forum.avast.com/index.php?board=15

Tested, no solution :frowning:

Did you try it with the stable build of Thunderbird…? TB 65 is still in beta.

Sure, same problem also with TB 60.4.0.
If the devs would like to have access to this particular IMAP server, I can provide it.

OK, I forwarded it…

My similar problem disappeared when I set value of security.tls.version.max from 4 to 3 in Thunderbird. So dit it in Firefox.

This doesn’t work for me :frowning:

Have you tried setting security.enterprise_roots.enabled to true in the config editor (a restart will be required)?

I tried it now but it did’t help. There appeared only confirmation of SSL certificates issued/overtaken by Avast which couldn’t be verified.
I have installed Avast Root certificate in Windows certificate storage and Thunderbird storage as well.
Also tried to enable ALL ciphers and every TLS protocol within dovecot IMAP server. No success.
There has to be some change since the last Avast 18.x version which causes these problems.

I have exported SSL email certificate from Avast and installed it into Windows storage again, now certificates were validated properly.
But the problem with STARTSSL connection persists. I would like to help the devs to find the bug, but nobody has contacted me.

The recommended IMAP connection protocol (in many email clients, mail filters, etc.) is SSL/TLS on port 993.

Have you tried this configuration since you have solved the certificate issue?

Yes, as I wrote in the first post, SSL on 993 works normally. But STARTTLS on 143 has been broken since Avast 19.x.

The probem finally disappeared with the latest beta version 19.3.2365 (build 19.3.4213.404).

Thanks for the feedback.

You really need to create your own new topic, much will have changed in over a year and breathing life into an old topic isn’t great.

Give more details (error messages, etc.), your Operating System, Avast version, the version and build numbers ?