I'm having emails sent to me from me (that I didn't send). For POP3 settings are "normal password" & SSL/TLS (connection security). Is my password encrypted?
I'm using Linux Mint, with Tbird version 38.4.0. The first time someone sent me an email purporting to be from me, I was using a previous version of Tbird (since it gets periodically updated). When I first discovered the email spoofing, I changed passwords. That helped for a little while. But then it happened again. For a while, I was using webmail because of this spoofing and had no spoofing occur. I went back to Tbird because it's so much nicer to use, and can keep my emails. I use a much more robust password, but the spoofing just happened again! My current password is very long, contains capital/lowercase mixture, has numbers, and is not a word in any language. I use Linux Mint, so unlikely to have malware or a virus keylogging me. I run antivirus programs on it periodically.
When changing the authentication method from "normal password" to "encrypted password" in Tbird, I get the error message saying that my provider doesn't support encrypted passwords. However, my connection security is SSL/TLS for which Tbird does not give me an error window. Does that mean, for a POP3 session using "normal password", during authentication of my Tbird client to the server, that my password is sent in the clear (unencrypted)? Seems that's the only logical explanation.
Thanks, and my apologies if this is the 1000th time this question has been asked...
All Replies (3)
Have someone send you the offending email message back to you as an attachment, or since you're receiving them yourself, you may already have one to hand. View it, use ctrl+u to see its source. That should allow you to see where it was sent from. I'd bet it wasn't you, but someone else using your address in the "From:" box.
Edeziri
SSL and TLS are used to encrypt the connection between you and your email server, and this is used principally to safeguard your login credentials. The message continues its onwards journey from your SMTP server to the recipient's POP or IMAP server unencrypted. If you want true end-to-end encryption, look at S/MIME or GPG, and then try to convince all your correspondents this is a good idea. Many of them will have email clients that don't know what to do with an encrypted message. :-(
One of the Thunderbird experts will give you a better and full answer. My initial thoughts are.
Two main possibilities.
- Someone is hacking into your email, and must have your password.
- It is just a spoof. And it is not from your account at all.
From what you say this appears the more likely issue.
If it is a spoof you will not be seeing activity on the account and it will not have been compromised. Look at the full unformatted email headers to discover who it is really from. I am not sure we have an article explaining that but see
- http://email.about.com/od/mozillatips/qt/et043001.htm
- http://kb.mozillazine.org/Window_layout_-_Thunderbird#Headers_pane
- Display name in message list and message pane
- See also Thunderbird and Junk / Spam Messages
- Gmails explanatory Reading full email headers