no common encryption algorithms

[karenanne]

The last few weeks I've been getting messages like this:

Thunderbird and http://www.whatever.com cannot communicate securely because they have no common encryption algorithms.

when I open some messages. I've grubbed around and found that the solution is apparently to get to tools options advanced general config editor, but then I'm stymied. The solutions all wander off to firefox threads and are unclear as to what to do for thunderbird.

Does anyone know exactly what I am to do once I click on config editor?

I should add, it does let me read the email, but I'd like to turn off the annoying message.

Thank you.

[tanstaafl]

What version of Thunderbird are you using?

If you are trying to have youtube send you a message its a question of what ciphers your email provider uses. That shouldn't be a problem with popular free email providers such as gmail, outlook, yahoo, zoho, gmx etc. or major ISPs such as Comcast, AT&T, Verizon, and TWC. What email provider are you using?

https://www.ssllabs.com/ssltest/analyze ... Results=on lists the cipher suites that youtube uses (at the bottom). You can compare that with what searching for ssl3 in the config editor (tools -> options -> advanced -> general) returns. It lists ciphers such as security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256 which I believe is equivalent to (from ssltest)

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) ECDH x25519 (eq. 3072 bits RSA) FS 128

Some related threads :
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was an ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was bad choice of ciphers by email provider)
http://forums.mozillazine.org/viewtopic ... lit=cipher (not sure whose fault, but probably email providers)
http://forums.mozillazine.org/viewtopic ... lit=cipher (due to user downgrading to a older version of Thunderbird)

[karenanne]

I'm not sure how youtube comes into this. As far as I know I have never been sent email by youtube. The comments about ssl3 are all Greek to me.

I have gmail, which thunderbird pulls down.

The most frequent emails that get this complaint are from FedEx.

I will look at your links, thank you.

[karenanne]

Okay, I scanned the links, and it's clear I would probably destroy thunderbird if I tried to do any of this. I had been hoping for some simple fix to just suppress the error message, For that matter, I'd like a turn off the certificate warning message as well, since I get that a lot and it has never been a valid problem. Apparently the world is full of major sites using badly named certificates.

[tanstaafl]

I'm not sure how youtube comes into this. As far as I know I have never been sent email by youtube.

Clicking on http://www.whatever.com/ goes to https://www.youtube.com/user/whatever . I took you literally. It sounds like you meant it as a made up generic URL.

The most frequent emails that get this complaint are from FedEx.

If you get those messages in a Gmail account I wouldn't expect you to have a problem with ciphers between Gmail and Thunderbird. Could the problem be displaying remote images in a HTML message from FedEx because it uses a secure connection to fetch the remote image?

Or do you mean clicking on a link in a message from FedEx that takes you to to the FedEx web site?

I suggest you see if the problem occurs if you set view -> message body as -> plain text and then view the FedEx message. That might not be as easy to read as the HTML version, but would help troubleshoot whats going on.

It would also be useful to see if you have a problem viewing the web site if you copy and paste the FedEx link in the message to Firefox's address bar. Typically Thunderbird and Firefox have identical certificates and cipher suites.

[karenanne]

Thanks, I'll try that the next time I get an email that complains.

I did mean whatever as a placeholder.

Even when I accept the error message, images in the FedEx emails do not display. (I get the error message in some other emails, FedEx is just the one I remember at the moment.) I do now suspect the images are the problem, but let me see what happens as I get emails over the next few days.

Thanks again.

[karenanne]

Re: I suggest you see if the problem occurs if you set view -> message body as -> plain text and then view the FedEx message. That might not be as easy to read as the HTML version, but would help troubleshoot whats going on.

plain text works with no error messages. (I was actually wrong, it's UPS emails that are complaining the most, although I see it with some others. The shipper changed from FedEx to UPS awhile back and I forgot.)

[tanstaafl]

I don't know what to suggest as my copy of Firefox has no problem making a secure connection to https://www.ups.com/us/en/global.page and Firefox and Thunderbird usually support the same ciphers. Perhaps the message is trying to link to a different host (not the main web site).

See if you can spot the img src link (that makes a secure connection using https) using control-U or view -> message source. If you can, please copy and paste it.

<IMG SRC="https://flagship.vanguard.com/web/images/marker.jpg"/>

is an example.

[karenanne]

There are three images that don't show up in the current message.

One has the alternate text UPS My Choice Driver and in the source I found

<img src=3D"http://www.ups.com/img/email_driver.png" width=3D"600" he=
ight=3D"121" alt=3D"UPS My Choice driver" border=3D"0" >

Clicking on it in the email does nothing.


Another doesn't display alt text but when I click on it I get to a url starting with https://upsmychoicedeals.com There is no url like that in the source.


The other has alt text download the UPS mobile app. Here's the source fragment for that

href=3D"https://m.ups.com/content/us/en/appdown ... ">Download =
the UPS mobile app</a></td>

when I click on it it gets to https://www.ups.com/us/en/services/tracking/mobile.page

I'm getting somewhat confused here.

[tanstaafl]

Only the last two links use secure connections. I sent a message with those links to myself and clicked on them in Thunderbird. They were displayed in Firefox, with no problem.

[karenanne]

I guess I'm sunk. I have no idea what's going on, and now also email from the USPS also requires multiple clicks to display.

Is there any way I can turn off that notification confirmation panel showing up? I would be happy just to get rid of those, forget getting the images to display.

[tanstaafl]

I don't know of a way to disable the error message popup unless it lets you check a checkbox to create a security exception.