為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Thunderbird accessing many sites by IP address

  • 5 回覆
  • 0 有這個問題
  • 2 次檢視
  • 最近回覆由 Rick

more options

Hi,

Thunderbird tries to access many websites, even when it is in the background and apparently idle. In the last two or three weeks, it has tried to access about sixty websites that Little Snitch (Macintosh) reports by IP address, not domain name. Without knowing the domain name, I cannot tell what Thunderbird is trying to do, so I do not allow it to access those sites.

I know that Firefox does this also and that Thunderbird is built on Firefox.

In the Mullvad browser, built on Tor's browser, which is, in turn, built on Firefox, this problem is resolved by setting an option to use the user's default DNS resolver. I cannot find such an option in Thunderbird. Might there be one in a configuration setting? Or some other way to deal with this matter?

Thanks for any help.

Rick

Hi, Thunderbird tries to access many websites, even when it is in the background and apparently idle. In the last two or three weeks, it has tried to access about sixty websites that Little Snitch (Macintosh) reports by IP address, not domain name. Without knowing the domain name, I cannot tell what Thunderbird is trying to do, so I do not allow it to access those sites. I know that Firefox does this also and that Thunderbird is built on Firefox. In the Mullvad browser, built on Tor's browser, which is, in turn, built on Firefox, this problem is resolved by setting an option to use the user's default DNS resolver. I cannot find such an option in Thunderbird. Might there be one in a configuration setting? Or some other way to deal with this matter? Thanks for any help. Rick

所有回覆 (5)

more options

You can probably set a custom DNS in Settings/Network & Disk Space, Connection, but I would first check the domains for the IP addresses with any of a number of online services. The domains are probably the sources of remote images in html messages.

有幫助嗎?

more options

Thanks, sfhowes.

All the IP addresses that I checked are at big tech data centers. They would not be for remote images because I don't allow remote images in Thunderbird. I don't know why Thunderbird tries to access 27 Microsoft servers that are not needed for e-mail functions. Maybe for links in Exchange messages?

I changed a config editor setting, network.connectivity-service.DNS_HTTPS.domain, to remove cloudflare-dns.com. I am optimistic about this change because I think it will cause DNS calls to be resolved by my usual service instead of Cloudflare. Then I should be able to see the domains that Thunderbird is trying to access by name instead of by IP address.

I don't see an obvious way to change the DNS resolver in Settings - Network & Disk Space, but I don't understand all the options there. Maybe not using any proxy would have the effect that I want?

Rick

有幫助嗎?

more options

re we discussing the limitations of apple software. The tool replorts IP addresses. It needs an upgrade.

Personally I use windows and the ping command as that resolves the IP address on screen. No major looking up required.

Personally I would change to DNS over HTTPs in settings. It is more secure. The only down side is traffic into the USA where all internet traffic (originating outside the USA?) is intercepted, analysed and saved. But you do not have to use cloudflare. It is just convenient. BUt using the default DNS which is not encrypted is a huge security hole. One you can only close by hosting your own on site DNS. That is often complex, slow and prone top being out of date.

As the the DNS requests are now encrypted between your device and the responding DNS server when using DNS over HTTPS . DNS is no longer a convenient plain text way to snoop your browsing history. It sounds to me like you are trying to improve your security by resuming unencrypted DNS lookups as that is the standard and default DNS for every operating system I have even had.

What I do know is If I wanted to protect my privacy I would not be using email hosted anywhere but Germany. Everyone else thinks the government has the right to read your email and keeps passing legislation to give their enforcement greater and greater powers to just look at whenever they want and force the companies that are doing the hosting to provide the data to them in an unencrypted format. German privacy rules largely prevent that privacy creep that is occurring in all the jurisdictions I follow. The five eyes

The number of URLS at microsft could well be linked to the required usage of oAuth. It is loaded to the gills with redirects in Microsoft's "modern authentication" implementation. The only one that could explain that would probably be Microsoft

There is a lot of talk about China and what their government requires companies to do at the request of government agencies, personally I do not see them all that much different to my own country which is rated as the "most free" in the world in this matter.

有幫助嗎?

more options

Thanks for your thoughts, Matt.

My software reports domain names, not IP addresses, almost all the time. Thunderbird/Firefox create many exceptions, so I am seeking a solution there.

I have good privacy protection in my DNS look-ups already. I do not need it in Thunderbird.

The connections to Microsoft's data servers are not for authorization.

Anything else would be off topic, so I will end here.

Rick

有幫助嗎?

more options

In case this information helps someone else:

The IP addresses at Microsoft seem to be related to calendar services.

Changing the config editor setting, network.connectivity-service.DNS_HTTPS.domain, to remove cloudflare-dns.com did not stop IP addresses from being reported through Little Snitch.

Whether or not turning off Cloudflare DNS is a good thing is another topic.

有幫助嗎?

問個問題

如果您還沒有帳號,您必須先登入帳號 來回覆文章。還沒有帳號的話,只能發問新問題