Thunderbird corrupted networking over hidden services

TNT_BOM_BOM · May 6, 2020, 8:32pm

Thunderbird somehow after torbirdy removed because of its outdated and not compatible with the current Thunderbird version, trying to link your email smtp/pop over tor hidden services just doesnt work. I tried this with riseup and danwin1210 email providers both doesnt work, Testing it using plain debian + tor + proxychains + thunderbird it will work fine.

I opened ticket with riseup they confirmed to me that all their servers working and they are using onion hidden services.

So the issue within whonix firewall or so.

tempest · May 8, 2020, 3:02pm

danwin1210.me onions are currently working fine for me with thunderbird.

TNT_BOM_BOM · May 8, 2020, 3:38pm

Whonix Qubes?

and what is your Thunderbird network config IP , Port…

and i assume nothing opened in firewall than the vanilla firewall rules
coming with whonix?

tempest · May 8, 2020, 3:59pm

if you’re using qubes, that may be the difference. This is with kvm on a debian host. there’s nothing particularly modified about it. whonix firewall is at deafults. thunderbird connection ip/port = 10.152.152.10:9102

TNT_BOM_BOM · May 22, 2020, 6:47am

got new report for the same issue on IRC, this is whonix-qubes issue.

nakoo · May 30, 2020, 1:56am

The problem is occurred due to default network setting from Thunderbird.
Follow it below. I’ve got this settings from Tails OS.

Edit (from Thunderbird Menu Bar) -> Preferences -> Advanced -> Network & Disk Space -> Connection -> Settings…
-> Select ‘Manual proxy configuration:’
-> Type SOCKS HOST: ‘127.0.0.1’ Port: ‘9050’
-> Check ‘SOCKS v5’
-> Check ‘Proxy DNS when using SOCKS v5’

I’ve tested Whonix VirtualBox 15.0.1.3.4.

TNT_BOM_BOM · June 6, 2020, 12:20pm

issue resolved somehow on qubes, How? i dont have good reasons.

(Unrelated to the fixation) But One of the stupid stuff i found in Thunderbird it blocks onion dns by default?!

Preferences -> Advanced -> Configure Editor… -> network.dns.blockDotOnion (set it to false)

No idea why this option even exist and enabled by default.

tempest · June 7, 2020, 10:46pm

the same thing will happen on debian for apt. this is assuming a non-whonix like install. in such a scenario, if tor is not running, the software will not try to connect to an onion for privacy purposes, since your isp could see that you made a request to a specific “onion.” in short, it’s to keep site specific leaks from happening that could correlate a user to a site.

TNT_BOM_BOM · June 8, 2020, 7:21pm

My ISP can see which .onion (hidden service) i request? i didnt get this well

Patrick · June 9, 2020, 9:00am

Firefox and Thunderbird are developed from perspective of clearnet
users. I.e. users who don’t use Tor.

Such users when entering an onion domain would not be able to reach them
because they don’t use Tor. But the browser / e-mail client’s DNS lookup
for the onion would be visible by the usual DNS server of the user -
which is in most cases the user’s ISP.