2.24.2.2.3. Configuring Thunderbird Authentication Correctly
When a mail client connects to a mail server to receive or send mail, authentication is used for security purposes. There are different authentication methods. One of the options could be CRAM-MD5 or APOP, which are currently outdated and insecure. Here's how to check your current settings and set up a more modern and secure authentication method.
To properly configure authentication in Thunderbird, do the following:
- In the main Thunderbird window, right-click on the added account and select "Options":
- Clickon "Change SMTP Server":
- Check outgoing mail settings:
- The parameters are responsible for encrypting the connection. "Port" and "Connection protection":
- In order for the connection to the server to be encrypted, recommended use port 465 and connection protection "SSL/TLS".
- If an unencrypted connection suits you, you can use the port 25 or 2525 and connection protection "No".
- The parameter is responsible for authentication "Authentication method" — its meaning necessarily should be "Regular password" (for an encrypted connection) or "Password, no transmission protection" (for an unencrypted connection). If set to a different value, change it to one of the above.
- Switch to section "Server parameters" and check your inbox settings:
- The parameters are responsible for encrypting the connection. "Port" and "Connection protection":
- If IMAP is used (opposite "Server type" indicated "IMAP mail server"):
- In order for the connection to the server to be encrypted, recommended use port 993 and connection protection "SSL/TLS".
- If an unencrypted connection suits you, you can use the port 143 and connection protection "No".
- If the POP3 protocol is used (opposite "Server type" indicated "POP3 mail server"):
- In order for the connection to the server to be encrypted, recommended use port 995 and connection protection "SSL/TLS".
- If an unencrypted connection suits you, you can use the port 110 and connection protection "No".
- The parameter is responsible for authentication "Authentication method" — its meaning necessarily should be "Regular password" (for an encrypted connection) or "Password, no transmission protection" (for an unencrypted connection). If set to a different value, change it to one of the above.
- Save your changes and test your mail.