Picture of ProtonMail's 5 story teal office building in Geneva.
ProtonMail Office in Geneva, Switzerland Courtesy of ProtonMail.com

Resolution For ProtonMail Bridge & Thunderbird SMTP Issue

Colin White Colin White

While setting up the ProtonMail Bridge with Thunderbird 78.3.2 today I discovered that Thunderbird's standard self-signed certificate dialog no longer appears before sending the first message; making sending emails impossible. While ducking around (duckduckgo.com) I discovered this is a known bug that will be fixed in an upcoming release of Thunderbird; but I want to use it now!!! 🙎🤣

My work around is tedious but simple.

  1. Open ProtonMail Bridge.
  2. Click the 'Settings' button.
  3. 'Advanced Settings.'
  4. 'Change IMAP & SMTP settings.'
  5. Change the IMAP & SMTP ports to a random number like 1145 and 1026 respectively and then click 'Okay.'
  6. Bridge will automatically close and reopen. Follow steps 2-5 but this time only change the IMAP port to 1025.
  7. Open Thunderbird and setup a new account using account information from Bridge.
  8. Permanently store the certificate when the scary message pops open.
  9. In Thunderbird delete the account from step 7-8.
  10. In Bridge repeat steps 2-5. This time set the default ports again. (IMAP: 1143  SMTP: 1025)
  11. Repeat Steps 7-8 and enjoy!

I have been hopping back and forth between mailbox.org and ProtonMail for a couple of years. ProtonMail has come along far enough now that I believe I'll stick with them for the long term. My primary reasoning behind paying a premium for their service is my email is all stored encrypted on their servers; in the unlikely event anyone broke into their infrastructure, all the villains would find readable are the recipients and the subject of my emails (neither of which concerns me.) As I occasionally receive tax and other financial information through email, this grants me some peace of mind. With Proton, incoming email is the main vulnerability as this is the only point in the chain where it remains unencrypted in relation to their servers.

I have read others criticize ProtonMail for not supporting IMAP and SMTP standards used by ordinary email providers (gmail, Outlook, Zoho) but I believe this argument is flawed. Other email providers expect users to do all of the work of encrypting emails themselves which a tiny fraction of a percent of users actually do. ProtonMail was developed with the goal of privacy, security and ease of use out of the box which makes using the existing standards too restraining.

Removing the complexity and annoyance of PGP is a relief (I was using it client side for several years prior to the switch to ProtonMail.) Attempting to manually encrypt all of my existing unencrypted emails was a nightmare that Proton greatly simplified.

One final point is that ProtonMail allows IMAP and SMTP access on the desktop through their bridge application. While it is certainly slower than an unencrypted alternative, I find the lag to be within an acceptable amount. I am also happy they have open sourced the majority of their client code as of October 2020.

There is still more work to do on their end to polish and improve but as of now, they are much closer to having a PGP email product I can recommend to my folks without having to worry about constant problems. I cannot say the same for IMAP SMTP clients using PGP.

Comments