Done. We now have a functional and private Torbirdy successor TB.
This is now in Whonix testers repository.
Awesome! Great work!
Also in stable-proposed-updates Whonix repository for a few days now.
How can I download the thunderbird package with torbirdy from the Whonix repository?
This is available in all Whonix repositories.
Quote Whonix / Kicksecure 15.0.1.4.8 - for VirtualBox - Point Release!
Thunderbird protocol level leak prevention. Replacement for what previously was done by torbirdy. See torbirdy deprecated - replacement required . Ported from Tails to anon-apps-config. Credits: Thanks to Tails for the torbirdy replacement. Thanks @HulaHoop for the port to anon-apps-config.
I at first posted this into the support section - but I don’t need support for this and as the wiki points for reports to the forum in general and I’m not sure about usual practice, I decided to repost it here, as it seems related.
The standard Thunderbird network configuration 127.0.0.1:9102 should be redirected by anon-ws-disable-stacked-tor to 10.152.152.10:9102, but it isn’t in 15.0.1.4.9.libvirt
for me.
UWT_DEV_PASSTHROUGH=1 curl 127.0.0.1:9102
responds with curl: (7) Failed to connect to 127.0.0.1 port 9102: Connection refused
No file for the 9102 port in /lib/systemd/system/
gets created.
So Thunderbird doesn’t work with the pre-configured settings. Setting it to 10.152.152.10 obviously ‘fixes’ it. As the redirection got added in this thread, I thought it might be relevant.
If you deem my current other problems causing this (Flushing iptables once, else no connection), then please feel free to delete/ignore this post.
No it’s its own problem. I’ve seen reports about it on Twitter. @Patrick is there a better option that disabling this option altogether? I’d prefer getting stream isolation sorted out for it if possible.
Temporary fix which users can run inside Whonix-Workstation:
sudo /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator
Package fix will come later through upgrades:
Is this file still useful/required? @HulaHoop (since you originally added that)
(Came up due to [Resolved] Thunderbird mail.server.server1.check_new_mail Preference Locked in Whonix Workstations)
I think he just kanged it from https://gitlab.tails.boum.org/tails/tails/-/commits/stable/config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg.
Commit log says @intrigeri on the Tails gitlab wrote that. Maybe ask him?
EDIT: Linked the relevant file
Tails still has config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg · master · tails / tails · GitLab
Unlikely that someone from Whonix will do this. So if you don’t do it, most likely won’t happen.
Yes it is the setting that forces TB to use local drafts folders instead of those on the server. It’s an important privacy setting.
But the enigmail settings can be removed?
I need to see all of the thunderbird related configs. The repo search functions seem to have been messed up by MS lately. Then I have to see what the new options are for similar encryption settings set by Tails.
OK figured out all the changes needed and will commit soon.
Note that
/etc/thunderbird/pref/30_whonix.js may also be obsolete?
Note for self: all TB files are in this package:
Usability impact only:
/usr/lib/thunderbird/thunderbird.cfg was lacking
pref(“mailnews.start_page.enabled”, false);
but config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg · stable · tails / tails · GitLab has it
Was this on purpose?
Added just now.
Yeah.
pref(“extensions.torbirdy.gpg_already_torified”, true);
Since torbirdy was deprecated, is no longer installed and torbirdy
isn’t to be found in about:config
we can be confident that it can be removed.
Best to remove the setting (minor cleanup) but keep the rest of the file just in case for the future?
Yes it was because it is already in the master settings file /etc/thunderbird/pref/40_thunderbird.js
I added this before they did
You mean you want this file dedicated to encryption settings? I think it is more work and redundancy since everything is just dumped in the main file. If you want to keep the comments around as a reference, just go ahead and move them in
/etc/thunderbird/pref/40_thunderbird.js
under one of the native encryption prefs