Codename: TorBirdy

TorBirdy is an extension for ​Mozilla Thunderbird that configures it to make connections over the Tor network. TorBirdy automatically enhances the privacy settings of Thunderbird and configures it for use over Tor -- think of it as ​Torbutton for Thunderbird.

Current TorBirdy version is 0.2.6 released on 06 Oct 2018. The recommended Thunderbird version for use with TorBirdy is Thunderbird 52 or higher; Thunderbird 60.2.1 is supported.

TorBirdy is not affected by the ​EFAIL vulnerability as TorBirdy disables HTML email.

Installation | ​torproject.org (XPI) | ​Mozilla Add-ons (XPI) | ​Source Code | Troubleshooting | Tickets

Status

TorBirdy is in beta and should be considered experimental. Please make sure that you read the Before using TorBirdy section below before using it for the first time.

Advanced users may also read our design goals document (PDF) to understand what we are trying to accomplish with TorBirdy for our users. (NOTE: This document has not been updated and does not reflect the current code.)

Before using TorBirdy

The preferences TorBirdy changes are documented here.

When you install TorBirdy, it modifies and adds many preferences to configure Thunderbird to be used securely over the Tor network.

TorBirdy enforces the preferences it sets and attempts to change them using Thunderbird's settings or the configuration editor will not work as all such changes will be discarded when Thunderbird restarts. This is because we believe that these preferences should not be changed -- whether deliberately; by mistake; or due to another extension -- as doing so can compromise your anonymity. There are however some preferences that can be changed and they can be accessed through TorBirdy's preferences dialog. Please note that if you are not an advanced user, you should NOT change any setting unless you are very sure of what you are doing.

The preferences that TorBirdy changes are restored to their original values when it is uninstalled or disabled, thus restoring your Thunderbird's state to exactly what it was prior to TorBirdy's installation. If you find that TorBirdy leaves evidence of its installation in any way, please file a bug report.

Configuration

See the preferences page for information about TorBirdy preferences and how you can configure them.

Required Software

This short guide should help you to set up your Thunderbird email client to send and fetch email via Tor. It can be used for both new and existing email accounts in Thunderbird.

Please bear in mind that email accounts that have been used without Tor before offer less privacy/anonymity/weaker pseudonyms than email accounts that have always been accessed with Tor. But nevertheless, TorBirdy is still useful for existing accounts or real-name email addresses. For example, if you are looking for location anonymity -- you travel a lot and don't want to disclose all your locations by sending emails -- TorBirdy works wonderfully!

TorBirdy

Available from Tor Project's website: ​https://dist.torproject.org/torbirdy/, or through Mozilla Add-ons: ​https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/

Standalone TorBirdy is just the TorBirdy extension. You need to have the Tor binary available, whether through the daemon or the Tor Browser Bundle for the standalone version of TorBirdy to function. This is considered stable and is the recommended method of using TorBirdy.

Components Required Thunderbird Tor



Installation

Install Tor:

On Windows and OS X, download and install the ​ Tor Browser Bundle. When you want to use TorBirdy, you have to start the Bundle (if it is not already running.) If you have never used the Tor Browser Bundle before, please follow ​ the detailed guide by Security in-a-box.

Tor Browser Bundle. When you want to use TorBirdy, you have to start the Bundle (if it is not already running.) On Unix, Linux and BSD you should use your distributor's packages, or if available, the ones ​ provided by the torproject. You can of course also use the Tor Browser Bundle.

Regardless of the OS, make sure Tor is running with default client settings ( SocksPort is listening on 127.0.0.1:9150 ).

Install the TorBirdy extension:

You can skip this step if you already have the TorBirdy XPI.

Start Thunderbird and go to Tools and then select Add-ons. In the Search box on the right, type TorBirdy and press enter. You should see TorBirdy in the search results. Click on Install and then restart Thunderbird to complete the TorBirdy installation process.

Verifying the XPI

The TorBirdy XPI is signed by Sukhbir Singh with the key 0xB01C8B006DA77FAA. Please make sure you verify the fingerprint, as listed on the Tor Project ​signing keys page.

The signature and TorBirdy releases are available at ​https://www.torproject.org/dist/torbirdy/.

Instructions for verifying the XPI on Windows and OS X are available on the ​verifying signatures page.

(You can probably skip the verification step if TorBirdy was installed from Thunderbird/Mozilla Add-ons.)

Installing TorBirdy in Debian

TorBirdy is in Debian starting version 0.1.2 (package: xul-ext-torbirdy). To install TorBirdy (probably not the latest version, so you probably do not want to do this) in Debian:

apt-get install xul-ext-torbirdy

Troubleshooting

If things don't work for you:

Make sure Tor is running and listening on 127.0.0.1 ( localhost ) on port 9150 . If you are using standalone Tor (and not Tor Browser), you most likely have Tor running on 9050 (the Tor default). In that case, go to "Use custom proxy settings" in TorBirdy's settings and change the port to 9050 . Then click on "Test Proxy Settings" to confirm. The check page should say "Congratulations. This browser is configured to use Tor." If you are using the Tor Browser Bundle, check if: tor is running

tor's SocksPort is running on the expected port 127.0.0.1:9150 .

is running on the expected port . TorBirdy was configured to connect to 127.0.0.1:9150 If you are using system Tor (standalone Tor), check if: tor is running

tor's SocksPort is running on the expected port 127.0.0.1:9050 .

is running on the expected port . TorBirdy was configured to connect to 127.0.0.1:9050

If you see Thunderbird connecting to Tor and it is still not working, try hitting the "New Identity" button in Tor Browser; it might be the case that the mail server you are trying to connect to does not like your source IP address (bad exit node).

If none of the above works for you, come and talk to us in IRC. When asking for support, please make sure you include the version of Thunderbird and TorBirdy you are using (including the platform.)

IRC: #tor, #tor-dev [irc.oftc.net]

FAQ

I am changing a preference but its value is reset when Thunderbird restarts. Why is this happening?

This is expected behaviour; please read the Before using TorBirdy section for more information.

How do I send and receive HTML emails?

HTML email is disabled both for sending and receiving mail. This is because HTML emails are unsafe and can compromise your identity; emails you send will be in plain text and HTML emails you receive will be sanitized and converted to plain text. You cannot change this behavior. (And you should not be sending HTML emails anyways!)

I noticed that the time information on sent messages is incorrect. Why is that?

When sending messages, TorBirdy sanitizes the date header and converts it to UTC to prevent local timestamp disclosure.

Why is Thunderbird not checking for new messages automatically?

TorBirdy prevents Thunderbird from automatically checking for new messages at startup and after a fixed time interval (usually ten minutes). Please see the preferences page for more information.

Why are draft messages for IMAP accounts saved in Local Folders instead of the remote server?

Please see #10309 for more information.

Yes, RSS support was added in TorBirdy 0.2.0.

Yes, NNTP support was added in TorBirdy 0.2.0. See #7847.

Should I use POP or IMAP?

TorBirdy works with SMTP and IMAP/POP3 but POP3 is recommended over IMAP because POP3 is a much simpler protocol and less likely to have or introduce any new sketchy features.

TorBirdy with Gmail

TorBirdy works fine with Gmail and there should be no issues except in rare cases where certain exit nodes cause Gmail to lock an account (and therefore POP/IMAP access) until the user logs in through the web interface and enters a CAPTCHA.

Note (sukhe): Gmail does not work for all users and we don't know the blocking pattern. For example, on one Gmail account, there is no issue at all but on the other, it's almost impossible to log in over Tor no matter what I whitelist. And unfortunately, there isn't much we can do about this other than to switch to a Tor-friendly email provider.

Operation

When TorBirdy is installed and starts for the first time:

it saves (all) the current proxy settings so that they can be restored when TorBirdy is uninstalled/disabled.

then it clears the proxy settings. Proxy Type SSL Host, Port SOCKS Host, Port HTTP Host, Port

all plugins are disabled (note: just plugins, not extensions.)

extensions.) for IMAP accounts, the location of the drafts folder is changed from the remote folder to Local Folders

account-specific settings for all the (incoming) accounts are saved so that they can also be restored later: check_new_mail login_at_startup check_time download_on_biff socketType port authMethod

settings for existing outgoing accounts are saved and secure defaults are set

the recommended security settings for existing accounts are set

finally, all the recommended TorBirdy settings in TorBirdyPrefs in components/torbirdy.js are set

The last step is repeated every time Thunderbird starts.

When TorBirdy is uninstalled:

all the TorBirdy preferences are cleared and reset to their original values

the proxy settings saved earlier are restored

all plugins are re-enabled

all remaining TorBirdy preferences (the custom settings) are cleared

Known TorBirdy Issues

There are a number of known issues but no known leaks in TorBirdy.

But please remember: we are still in beta.

Security Requirements

Proxy Obedience

All other content in Thunderbird obeys the SOCKS proxy.

Disk Avoidance

TorBirdy does not leave any trace of its installation. Caching is also disabled.

Location Neutrality

The header in the outgoing email messages is converted to UTC.

Anonymity Set Preservation

No information about the user-agent or locale is leaked.

NOTE: It may however be possible to find out that Thunderbird is being used by looking at the format of the message-ID header in the outgoing messages.

Additional Add-Ons

Enigmail (OpenPGP GPG for Thunderbird)

Enigmail is supported and is safe to use with TorBirdy.

Keyserver Operations

Since 0.2.4, TorBirdy supports the use-tor mode in GnuPG and assumes you have the following settings configured for the keyserver lookups to work:

In your ~/.gnupg/dirmngr.conf , add the following line: use-tor .

, add the following line: . Assuming you have Tor running (daemon or Tor Browser), keyserver lookups should work. If not, try restarting dirmngr and try again.

See the ​GnuPG manual for more information about the use-tor setting.

Lightning (Calendar for Thunderbird)

(See #6319)

Lightning is safe to use with TorBirdy and has been tested with Google Calendar/iCal.

Other Add-Ons

Please do not install random add-ons. If they have not been reviewed by the TorBirdy developers, they can harm your anonymity.

In the past we have offered to help audit add-ons (other than the ones we support) to ensure their compatibility with TorBirdy. Unfortunately, this takes time and effort and we are discontinuing auditing add-ons requested by users. We recommend that if you depend on TorBirdy for privacy that you do not install random add-ons, and if you really have to use them with Thunderbird that you do so in a different profile.

Hacking

Branches

TorBirdy maintains different preference branches to accomodate its settings:

extensions.torbirdy.custom Holds the custom preferences that are set through the preferences dialog. extensions.torbirdy.restore Holds the preferences whose values are saved when TorBirdy is installed and restored when it is uninstalled.

(Don't change any of these preferences yourself!)

Contributing

Want to contribute to TorBirdy? Thank you! Here is how to send in code contributions:

create a new ticket, select the Applications/TorBirdy component, and attach a patch to it,

if you don't like patches, create a ticket and select the component above, and reference a Git repository (on say GitHub). We will merge the patch from there.

talk to us in IRC if you don't want to or can't do any of the above.

Translations

For a list of supported translations, see the chrome/locale/ folder. Note: while we include all supported locales from Transifex, it is possible that translations for a given locale are incomplete.

Submitting Translations

We are always looking for assistance with translations. If you would like to use TorBirdy in the language of your choice, just send us the translation and we will include it.

Translations are handled through two files: ​torbirdy.dtd and ​torbirdy.properties. The recommended way of submitting translations is through ​Transifex. You will need to create an account and submit your translations for both ​torbirdy.dtd and ​torbirdy.properties. If you do not want to use Transifex, you can send us a pull request.

Acknowledgements

This project is currently being maintained by Sukhbir Singh. Past contributors include Jacob Appelbaum, tagnaq, Karsten N.