NYX warn notice. How can I trace the warn message?

Qubes-Whonix
1

I get this warn message on a regular basis inside of nyx terminal application:

[WARN] Application request to port 143: this port is commonly used for unencrypted protocols. Please make sure you don't send anything you would mind the rest of the Internet reading!"

I use multiple VMs at the same time.

  1. Can this be ignored, because it is a know and harmless bug?
  2. How can I trace the warning message to the VM and app that is the originator?
  3. Is it Vanguards which creates the warn message?
2

Search engine:

port 143

How can I trace the warning message to the VM and app that is the originator?

Possibly using a package analyzer such as wireshark / tshark. Self Support First Policy for Whonix applies.

search / grep Tor and/or vanguards source code for:

Application request to port
port is commonly used for unencrypted protocols

Self Support First Policy for Whonix applies: “Can vanguards cause […]”

Related:

3

I know that port 143 is used for IMAP email. That is what I am confused about. I don’t have any email program in use. Is it Thunderbird from the Fedora AppVM trying to connect?

Where? Please explain it in more detail.

4

Not without starting it. Not without having any e-mail account set up. Not without being configured to use Whonix for networking.

  1. Find the source code. (Search engines, etc…)
  2. Download the source code.
  3. Find programs to effectively search for textual strings inside source code such as grep.
  4. Search for common things which are mentioned for sure to know your search tool is functional. (vanguards will very most likely have textual string vanguards in its source code.)
  5. Search for what you’re actually looking for.

Unrelated to Whonix. Always the same process.

5

Okay. I got it. Thanks.
What is your best guess if it isn’t Thunderbird from Fedora?
I am a normal QubesOS user: Debian 10, Debian 10 min, Fedora 33, Fedora 33 min and Whonix WS + GW of course.