TPG Community

Get online support

TPG email account inaccessible with Thunderbird 78

amclar
Level 2

This is an extraordinary defect in TPG's email offering.

 

In TPG's advice for Thunderbird customers it says:

    "Please be advised that this is a known issue with the new version released by Thunderbird."

 

On the contrary - Thunderbird is working normally. Thunderbird on my system can send and receive email from many other email accounts. Only TPG has a problem, because TPG still uses outdated, insecure TLS 1.0 on its POP3 server.

 

TPG's proposed solution is to weaken the security in Thunderbird, until it can interoperate with TPG's insecure email server. Obviously this is an appalling solution, unacceptable.

 

I don't have any problem receiving POP3 email from Optus in Thunderbird. Optus's emal server supports TLS 1.2 and 1.3 and works just fine with Thunderbird 78 and greater.

 

Axigen's POP3 server software, for example, has offerd TLS1.2 since around 2012.

 

TPG's suggested workaround ("just weaken the security, it'll be fine") would have been barely acceptable in 1999. In 2020, it is a recipe for disaster.

 

TPG's reputation for security is trashed.

 

TPG need to update their POP3 server software and encryption levels as a matter or urgency.

TPG guys, you need escalate this in your organisation, so the relevant managers can get the upgrade project started, ASAP.

zackii
Level 3

I agree with you.

 

I am still bitterly disappointed that TPG can't fix security, that they are still advocating the customer take all the risk; that this issue has dragged on for so long.  I won't be recommending TPG to anyone.

 

I need a secure email.  Mobiles don't work on our property, so I have to do two factor authentication with email.  The Post Office option is woeful, it seems like text only, some pdf files will only display and print the first page, I am continually retyping my username & password, anything after 45 days disappears into the ether, I have trouble sending attachments. 

 

I am wondering if there is a way to escalate this to TGP management, they are not listening to us down here.

thecoles01
Level 2

Please provide us (the customer) with a timeframe for this to be resolved. The "work around" is not feasible when it comes to security. 

 

A timely response would be appreciated.

 

Thanks

adslp6ko
Level 2

Still no resolution??

GeeTee
Level 2

On Thunderbird v78+:

 

FIRST

 

On Menu go to: Edit => Account Settings

 

Click on your account: younrame@tpg.com.au

 

Select ‘Edit SMTP server’

 

Port: 587 (default)

 

Connection Security: ‘STARTTLS’

 

Authentication Method: ‘Normal Password’

 

NEXT

 

On Menu go to: Edit => Preferences

 

Select ‘General’

 

Scroll down to the bottom and click on ‘Config Editor’

 

You will get a popup ‘Here be Dragons’, click ‘I accept the risk’

 

Find ‘security.tls.version.min’ by scrolling down and double click on it.

 

A box will pop up which will probably have a ‘3’, change this to a ‘1’

 

Why do you need to do this?

 

Thunderbird supports TLS v1.2 as a minimum version ( security.tls.version.min’ = 3 )

 

TPG supports only:

 

TLS v1.1 ( security.tls.version.min = 2) OR

 

TLS v1.0 ( security.tls.version.min = 1 )

adslp6ko
Level 2

When will this security defect in TPG POP be resolved? 

RLK
Level 3
Level 3

Thank you David for this contribution. I was having various problems with Thunderbird on a portable drive and a Laptop. In one instance receiving and not sending, in another - neither send or receive.

Your summary worked perfectly.