Preserve POP3 email for selected accounts when deleting/recreating the accounts
We use Thunderbird (v68.12.0 in Linux) to manage POP3 email for a bunch of email accounts involving multiple email service providers. AOL is one of the providers and they just informed us of security changes that will require deleting those accounts in Thunderbird and then recreating them so they get created with the proper security.
Simply deleting and recreating the accounts will eliminate all of their associated, locally-stored messages. I assume the solution involves some form of backup and restore, possibly involving a new TB profile and copying selected folders. What is the most practical procedure to do this?
All Replies (8)
sfhowes, thanks for the link. OAuth2 has been available for quite a while and I looked at that when it was first offered. However, it is not a good alternate solution for us.
I did test the procedure in that link just to see if it would work with my existing password. The SMTP section in the TB settings does not offer OAuth2 as an authentication option. After restarting, TB returned an error message:
"The server does not support the selected authentication method. Please change the 'Authentication method' in the 'Account settings | Server settings'."
Since the only authentication method changed was on the POP3 server, this would seem to indicate that OAuth2 must first be set at AOL as the method associated with the account.
Edeziri
The only alternative to OAuth2 is 'normal password' authentication with an app password.
https://help.aol.com/articles/Create-and-manage-app-password
See the update to my previous reply. I'm aware of the app password option. According to AOL's current guidance, I would need to get a new app password every session (expires when you log out).
The alternative AOL offers is deleting the account in TB and then recreating it, which would be a one time hoop to jump through. Which brings me back to my original question of how to preserve the account emails while doing that.
Are you sure about a new app password for every session? I have an AOL account on a phone mail app that doesn't support OAuth, and the same app password is applied every time I connect to the account. If you enter the app password the first time after TB is restarted, and check the box to have it stored in Saved Passwords, I don't think you'll have to reset it every time.
If you follow their advice and add the account, TB will automatically apply OAuth2 authentication. You can of course set it up manually with normal password/app password, but I don't see the objection to OAuth2.
Copy the POP mail to Local Folders before removing the account if you proceed to add it back.
So rather than dealing with profile folders, you're suggesting to just set up a temporary local folder in TB, select all the inbox messages in that account, and move them to the local folder within TB, then move them back afterward? Hadn't thought of that; sounds like a simple solution.
re: app password -- here's the guidance from AOL:
"Just remember, app passwords are only valid for the app they are created for and remain valid until you sign out or remove access to the app. At that time, a new password will need to be created.
re: OAuth2 -- it's been awhile since I looked at AOL's implementation, so I don't recall the specifics. What I remember is that it wasn't simply an automated interaction like a simple password, or validating a device one time; it involved a manual verification step for each session. Since we're located in a cell tower hole, there was either no practical option available for verifying, or it could result in the land line ringing and waking people up if the login was in the middle of the night. In any case, going through a manual verification step for every session would get old fast.
If the procedure of deleting and recreating the accounts does nothing more that change the server settings to OAuth2, I wonder if I need a newer version of TB, since my version does not offer OAuth2 as an option for SMTP. Also, trying that today without changing anything on the AOL server produced an error message from AOL.
The plot thickens. I was aware of the AOL action because my wife got email notices on her accounts. I haven't yet received the notice on my own account. I just tested deleting and recreating my account. What was recreated automatically does not use OAuth2 authentication, just the normal password. So either the action does something other than change the authentication method, or it involves some in-house settings at AOL that are on a staggered rollout, and the change doesn't happen until AOL notifies you.
Edeziri
I have an IMAP AOL account in TB and also a gmail IMAP, both use OAuth2, and neither one requires password entry for each session.
OAuth2 for POP requires at least TB 68, I think. Current release is 91.
To update this, I finally received an email from AOL warning me of the change. Since TB v68 doesn't support OAuth2 on SMTP, I installed the Flatpak version, which is v91. I used the automated setup. During setup, it popped up an interactive message regarding a secure certificate (which TB warned no legitimate party would do, and which didn't happen when trying this with v68). The certificate looked legit so I allowed it. It did not use OAuth2 for either server, just the normal password. So the enhanced security apparently does not involve OAuth2, just a special certificate. Unfortunately, the change in code base since v68 means my add-ons won't work.