Constantly Prompted To "add Security Exception" By Thunderbird

Windows 8.1 x64 Pro


Bitdefender Total Security 17.25.0.1074


Thunderbird 24.3.0


I think this has been discussed before, but I can't find any resolution.


Whenever Thunderbird tries connecting to my IMAP server, I get prompted to "Add Security Exception", because the "Certificate belongs to a different site, which could indicate an identity theft." The same dialog says "Certificate is not trusted, because it hasn't been verified by a recognized authority using a secure signature."


Keeping "Permanently store this exception" and selecting "Confirm Security Exception" does not work. The prompt appears every time regardless.


Disabling the BD toolbar Thunderbird extension and the Anti-Spam module does not prevent this problem.


Is it true that BD's entire anti-spam module (not just the toolbar) does not support IMAP?


Is there any way to make this aggravating dialog go away, without totally removing BDTS?


post-159226-1392518655_thumb.jpg

Comments

  • columbo
    columbo
    edited February 2014

    Hi heterodox


    As you surmised, Bitdefender Antispam does not support IMAP. You'll need to disable the BD Toolbar form Thunderbird Tools/Add Ons and then disable it from the BD Console (if you still want to try to keep Bitdefender). It's been a desire from those in the past to include the IMAP functionality, but for now, it's just POP/SMTP


    http://forum.bitdefender.com/index.php?s=&...st&p=195085

  • heterodox
    edited February 2014

    Thank you for the reply, but I have the BD toolbar disabled in Thunderbird, and I have Anti-Spam disabled in BDTS, and I still get these dialogs. This is why I asked if it is possible to resolve this problem short of totally removing BDTS. I never got these dialogs before installing BDTS.

  • Apologies for missing that on your original thread, I was to focused on the IMAP not being supported.


    Try this, and see if this helps: http://forum.bitdefender.com/index.php?s=&...st&p=157228

  • I deleted the "bdThunderbird@bitdefender.com" value under "HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Thunderbird\Extensions", and even reverted to an old copy of prefs.js that had no mention of Bitdefender. The problem persists.

  • I'm not sure what to do next, but maybe wait and see if Georgia has a shortcut fix or an idea for this one, or another member may respond?

  • I don't think it's a toolbar issue at all. I think it happens when BD intercepts traffic to/from my IMAP server. When I'm able, I am going to try disabling email scanning.

  • heterodox
    edited February 2014

    I may have the problem licked. (Not a solution, but a workaround.) I changed from SSL/TLS to STARTTLS, and don't seem to get the prompts anymore, even with email scanning (i.e. antivirus) and anti-spam enabled.


    Because I hate when people are vague about how they fixed a problem, here are the rather exact steps in Thunderbird:


    1. Select Tools > "Account Settings..."


    2. Select "Server Settings" under the applicable account(s).


    3. For "Connection security", change SSL/TLS to STARTTLS.


    4. Select "Outgoing Server (SMTP)".


    5. Double click each applicable SMTP server, and then perform step 3 for it.


    6. Click OK twice.


    Thank you for trying to help, Scott. I really appreciate it.

  • You might be able to resolve this by going into Bitdefender Settings-> Privacy Control Settings -> turn "Scan SSL" off


    BitDefender is essentially using their own certificate to encrypt/decrypt web and email traffic if this setting is enabled. For some reason (looks too much like a "man in the middle" attack?), the OS and the browsers don't like this behavior or don't recognize the Bitdefender certificates.


    Aloke

  • I may have the problem licked. (Not a solution, but a workaround.) I changed from SSL/TLS to STARTTLS, and don't seem to get the prompts anymore, even with email scanning (i.e. antivirus) and anti-spam enabled.


    Because I hate when people are vague about how they fixed a problem, here are the rather exact steps in Thunderbird:


    1. Select Tools > "Account Settings..."


    2. Select "Server Settings" under the applicable account(s).


    3. For "Connection security", change SSL/TLS to STARTTLS.


    4. Select "Outgoing Server (SMTP)".


    5. Double click each applicable SMTP server, and then perform step 3 for it.


    6. Click OK twice.


    Thank you for trying to help, Scott. I really appreciate it.


    You're welcome heterodox, sorry I could offer only little help, but your appreciation is accepted :) It sounds like you're a step or 2 more proficient in your PCing skills and knowledge than I am, so thanks for posting your solution as it could help others here in the future.


    :)

  • This is an old topic, but my answer might help someone.


    I had the same Security Exception problem, and it turned out to not have anything to do with Bitdefender. When I set up the new IMAP account I had Thunderbird automatically pick the settings, including the servers (as suggested by my provider.) I went back to my provider and got the manual settings, changed the incoming server, and the Exception problem went away.

  • heterodox
    edited September 2015
    This is an old topic, but my answer might help someone.


    I had the same Security Exception problem, and it turned out to not have anything to do with Bitdefender. When I set up the new IMAP account I had Thunderbird automatically pick the settings, including the servers (as suggested by my provider.) I went back to my provider and got the manual settings, changed the incoming server, and the Exception problem went away.


    The key thing would be when the problem started: Immediately after setting up a new email host in Thunderbird, or immediately after installing BD.


    I have not been using BD since running into all those problems last year. I just installed BDTS 2016, and this issue cropped up anew. It most definitely has everything to do with BD on my setup. I own my own domain and I know what the proper settings are.


    The STARTTLS workaround still seems to work, but it's frustrating that BD still has this issue.