This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

OAuth stopped working on one gmail account. SOLVED vpn server blocked some traffic

  • 7 replies
  • 0 have this problem
  • 1 view
  • Last reply by Matt

more options

As of December 1st 2023, one of my gmail accounts in thunderbird stopped working. Every time I check messages, I get the Oauth prompts to allow thunderbird access to the gmail account, I click through without error messages, and I can see the rights were granted to Thunderbird in my account, but Thunderbird is unable to connect. If I check saved passwords, I see it has not saved an OAuth password.

Things I have done: (1) Verified everything in this article: https://support.mozilla.org/en-US/kb/automatic-conversion-google-mail-accounts-oauth20 (2) Verified that IMAP was enabled on the gmail account (3) Checked the settings against my other gmail accounts which are all working, I don't see any difference. (And this account was working up until December 1st, along with all my other ones which are still working)

Anyone have any ideas what might be causing this?

As of December 1st 2023, one of my gmail accounts in thunderbird stopped working. Every time I check messages, I get the Oauth prompts to allow thunderbird access to the gmail account, I click through without error messages, and I can see the rights were granted to Thunderbird in my account, but Thunderbird is unable to connect. If I check saved passwords, I see it has not saved an OAuth password. Things I have done: (1) Verified everything in this article: https://support.mozilla.org/en-US/kb/automatic-conversion-google-mail-accounts-oauth20 (2) Verified that IMAP was enabled on the gmail account (3) Checked the settings against my other gmail accounts which are all working, I don't see any difference. (And this account was working up until December 1st, along with all my other ones which are still working) Anyone have any ideas what might be causing this?

Modified by Wayne Mery

Chosen solution

So I managed to solve this, and wanted to post it here in case anyone finds this with the same problem. The issue was caused because I was running a vpn server on my local machine, and for some reason the oauth traffic must have been forwarded to the vpn server and been blackholed there.

Stopping the VPN provider caused the oauth to complete succesfully. So if you have any sort of local server running on your system and have the same issue, you may want to try killing it.

Read this answer in context 👍 0

All Replies (7)

more options

If the oauth flow completes but no password is saved that almost certainly means something is blocking the process at the point where the information from the web page to transmitted to the localhost on your computer.

Personally I would look to your antivirus product of choice as a very likely cause of the current issue. Way back the localhost was used by malware to send SPAM mail. That was probably 15 years ago. But nothing much in the security field is either new or innovative. They still monitor and routinely block the localhost, either through scanning, or firewall rules.

Other causes of the localhost not working are software like a development environment that uses the localhost to display web pages, a web server like Apache or a whole host of applications and daemons that monitor ports of the local host adapter.

more options

Thank your for your response. I tested today after closing everything down, and still no luck. However, I did notice that I must have been mistaken in saying the OAuth process is completing. The application link does not get created; perhaps I was just looking at the old Oauth link before it stopped working, and when I removed it it did not get recreated. So basically OAuth is broken, not sure how to fix.

Edit: Found this post online by someone with what appears to be close to the exact same issue, no answer of course.

https://support.google.com/accounts/thread/237058395/thunderbird-oauth-fails-for-gmail?hl=en

Modified by st.jfisher

more options

Did you allow cookies in Thunderbird?

more options

christ1 said

Did you allow cookies in Thunderbird?

Yes, they are set to always allow.

more options

Chosen Solution

So I managed to solve this, and wanted to post it here in case anyone finds this with the same problem. The issue was caused because I was running a vpn server on my local machine, and for some reason the oauth traffic must have been forwarded to the vpn server and been blackholed there.

Stopping the VPN provider caused the oauth to complete succesfully. So if you have any sort of local server running on your system and have the same issue, you may want to try killing it.

more options

Matt said

If the oauth flow completes but no password is saved that almost certainly means something is blocking the process at the point where the information from the web page to transmitted to the localhost on your computer. Personally I would look to your antivirus product of choice as a very likely cause of the current issue. Way back the localhost was used by malware to send SPAM mail. That was probably 15 years ago. But nothing much in the security field is either new or innovative. They still monitor and routinely block the localhost, either through scanning, or firewall rules. Other causes of the localhost not working are software like a development environment that uses the localhost to display web pages, a web server like Apache or a whole host of applications and daemons that monitor ports of the local host adapter.

You were totally right about the local server being the cause, somehow I completely missed that in your response until re-reading it just now. Thank you for your help!

more options

What you apparently missed in this "I think" is that the oauth flow is a web page flow. Through out that process, Thunderbird is acting as a web browser and sending and receiving messages using standard web ports. YOur VPN will rouht the traffic as it does any other web page. Or should.

Fundamentally a VPN is a recipe for failure with email generally. Most providers know where you live, you told them, as do others like social media, you bank, your employer etc. Then you deploy a VPN that tries to tell these systems that know where you live that the messages are coming from another place entirely in the world. Like Vladivostok or Cairo. So these systems raise a flaf that you might have been hacked. How that response settles will be provider dependent. With mail is usually means a refusal to connect. Others email you to ask if it was you trying to log in. Yet others simply suspend your account as you have obviously been hacked.

A VPN is not a good idea for many folks that only use social media, their bank and ISP mail or Gmail for instance. It offers nothing in the way of added security to you or yours. Just some obscurity as to where in the world you are connecting from.