Greets, everybody . . .
I've hesitated to bring this up because I'm doing something that I think is not supported by anyone involved. But maybe I'm just missing something simple, so I thought I'd ask. I beg your forbearance, because the explanation is long.
I use ProtonMail. PrnotMail offers an application-filter thing called ProtonBridge; without it one is stuck with Proton's webmail, which is a pain for many reasons, not least that it's impossible to reply to a message at the bottom.
ProtonBridge is a fairly large thing that does the encryption/decryption of outgong/incoming messages respectively. Instead of having an actual address for the mail server, Bridge requires we use 127.0.0.1. and port 1143 for incoming and 1025 for outgoing. Fine so far.
The Bridge was released about five years ago. I set it up and it worked just fine, allowing me to keep an email archive here on the local machine, as well as otherwise use KMail as I have for lo, these many years.
Then a couple years ago things began to go pearshaped from time to time. I would receive pop-up KMail errors that KMail could not mark the message as read, couldn't write to the server. As I have mentioned before, it began to get double listings for incoming messages, the first blank.
Making it maddening is that there's no consistency to it. Sometimes it happens and sometimes it doesn't, in both cases. I keep my software up to date, including TDE and ProtonBridge. I cannot point to the exact time it began.
At about the same time, everytime I opened KMail I couldn't do anything until it downloaded every message I had receiced since forever. I normally read and respond to messages, then move them to the appropriate ones among a miltitude of maildir directories I keep here, and for the longest time that was the end of it, but there was a change that caused those messages to be downloaded anew the next time I started KMail.
In that only Thunderbird is supported in Linux by ProtonBridge, I just lived with it. Then, relatively recently, KMail began to crash. I've filed the occasional KMail crash report -- btw, the crash report server needs to renew its certificate. The crashes typically happen when KMail is running minimized, which I customarily do so I don't have to d/l every email since Genesis every time I use it.
I suspect it's some configuration thing with KMail that I have wrong -- not that much to configure with the Bridge -- possibly a permissions issue or something. What makes it all the more maddening is that it works most of the time.
When a few days ago KMail threw the error that it couldn't write to te server, I sent the report to Proton. As usual, they replied promptly. As usual, the reply wasn't of much help, to wit:
"Currently, we are testing Bridge on Outlook, Apple Mail, and Thunderbird. Other clients should also be compatible but we cannot guarantee that all of the features will work properly, as this largely depends on the implementation of the IMAP and SMTP protocols in that client.
"You read about this in detail on the link below: https://proton.me/support/clients-supported-bridge "
I'd really like to sort this out, but I do not know enough about mail handling to know even where to begin to look. I renamed my top-level mail directory (~/Mail, created when I was using KDE-1.0 and with messages going back that far) and letting it start anew, but there was no improvement.
I shall continue to use ProtonMail and would very much like to continuing to use KMail-Trinity. But I kinda hate this.
Anybody know the solution?
On 12/01/2025 15:34, dep via tde-users wrote:
Greets, everybody . . .
I've hesitated to bring this up because I'm doing something that I think is not supported by anyone involved. But maybe I'm just missing something simple, so I thought I'd ask. I beg your forbearance, because the explanation is long.
I have never ued ProtonMail but the symptoms you describe could well occur with a dodgy underlying filesystem. Read/write, timestamp, access permissions etc could all be related to a filesystem issue caused by intermittent hardware issues.
You say you tried renaming the top-level directory, have you tried moving it to a different disk?
Good luck.
said Michael Howard via tde-users: | On 12/01/2025 15:34, dep via tde-users wrote: | > Greets, everybody . . . | > | > I've hesitated to bring this up because I'm doing something that I | > think is not supported by anyone involved. But maybe I'm just missing | > something simple, so I thought I'd ask. I beg your forbearance, | > because the explanation is long. | | I have never ued ProtonMail but the symptoms you describe could well | occur with a dodgy underlying filesystem. Read/write, timestamp, access | permissions etc could all be related to a filesystem issue caused by | intermittent hardware issues.
Thanks. No haven't moved it to a different drive. Did rename it back, though, and in the process some of the writes to local disk got better, as in my having moved 2500 messages to their appropriate subdirectories without event.
(One probably unrelated issue that probably *is* due to KMail is that if I click on a link in KMail it does not go to that link, it goes to some /tmp/ file and never carries me to the linked site. I can, though, copy the link and open it in the browser no problem.)
Am poking my way through this as methodically as I can. We'll see where it leads.
Is there a way to force reindexing of all the messages in all the subdirectories under ~/Mail?
dep via tde-users wrote:
I shall continue to use ProtonMail and would very much like to continuing to use KMail-Trinity. But I kinda hate this.
Anybody know the solution?
Hard to say what could be the solution.
First of all never write directly to maildir folder and never delete or change whatever there - let the client do this for you.
KMail-Trinity has some issues even without a bridge. I use it extensively with IMAP and from time to time it crashes.
You have to distinguish the local maildir and the IMAP (incl. protonmail).
From what I read I understood you have an issue with your local mail - it would be good if we could exclude one or the other.
The downloading of mails after crash could mean the index is broken (it would also explain showing up two same messages)
said deloptes via tde-users: | dep via tde-users wrote: | > I shall continue to use ProtonMail and would very much like to | > continuing to use KMail-Trinity. But I kinda hate this. | > | > Anybody know the solution? | | Hard to say what could be the solution. | | First of all never write directly to maildir folder and never delete or | change whatever there - let the client do this for you. | | KMail-Trinity has some issues even without a bridge. I use it | extensively with IMAP and from time to time it crashes. | | You have to distinguish the local maildir and the IMAP (incl. | protonmail). | | From what I read I understood you have an issue with your local mail - | it would be good if we could exclude one or the other. | | The downloading of mails after crash could mean the index is broken (it | would also explain showing up two same messages)
There's clearly something flaky at ProtonMail, too. If, for instance, I mark all messages as read in my KMail inbox, they become UNread on my other devices connected to ProtonMail.
That having been said, is there a way to force a reindex of themail directories in KMail, the way the disk itself is checked periodically when Linux is booted? Years ago on occasion KMail itself would throw an error saying it needed to do this, but I know of no way of invoking it manually.
On Monday 13 January 2025 13:43:24 dep via tde-users wrote:
That having been said, is there a way to force a reindex of themail directories in KMail, the way the disk itself is checked periodically when Linux is booted? Years ago on occasion KMail itself would throw an error saying it needed to do this, but I know of no way of invoking it manually.
I think that deleting the *.index and *.index.ids and *.index.sorted files in ~/.trinity/share/apps/kmail/mail should have this result.
I tried deleting these for just one of my directories and it worked: the index is re-created.
Thierry
said Thierry de Coulon via tde-users: | On Monday 13 January 2025 13:43:24 dep via tde-users wrote: | > That having been said, is there a way to force a reindex of themail | > directories in KMail, the way the disk itself is checked periodically | > when Linux is booted? Years ago on occasion KMail itself would throw | > an error saying it needed to do this, but I know of no way of invoking | > it manually. | | I think that deleting the *.index and *.index.ids and *.index.sorted | files in ~/.trinity/share/apps/kmail/mail should have this result. | | I tried deleting these for just one of my directories and it worked: the | index is re-created.
Thank you. Though I believe the indices are located in my ~/Mail directory, not up in the hidden configuration files. (I agree with whomever it was who said it's nuts to put the actual mail itself up among the config files. Apparently it wasn't always that way, in that my mail directory is down among user files because it inherited it from KDE-1.x days. lot of stuff that has been here for 25 years or more.)
Strangely, since I complained about it, KMail and ProtonMail/Bridge have been playing nicely together. So it could be that the people at Proton took a look and saw something and fixed it.So for now I'm going to keep my fingers crossed rather than experiment.
On Monday 13 January 2025 14:52:31 dep via tde-users wrote:
Thank you. Though I believe the indices are located in my ~/Mail directory,
Yes, I think I remember it was so in KDE (1?,2?,3?), don't remember why and when it changed. Anyway my kmail directory is actually a symlink to some other location, so where it links is not very relevant...
dep via tde-users wrote:
said deloptes via tde-users: | dep via tde-users wrote: | > I shall continue to use ProtonMail and would very much like to | > continuing to use KMail-Trinity. But I kinda hate this. | > | > Anybody know the solution? | | Hard to say what could be the solution. | | First of all never write directly to maildir folder and never delete or | change whatever there - let the client do this for you. | | KMail-Trinity has some issues even without a bridge. I use it | extensively with IMAP and from time to time it crashes. | | You have to distinguish the local maildir and the IMAP (incl. | protonmail). | | From what I read I understood you have an issue with your local mail - | it would be good if we could exclude one or the other. | | The downloading of mails after crash could mean the index is broken (it | would also explain showing up two same messages)
There's clearly something flaky at ProtonMail, too. If, for instance, I mark all messages as read in my KMail inbox, they become UNread on my other devices connected to ProtonMail.
Time ago I looked into protonmail, but could not find a reason to use it, although some friends are paying for the service. I doubt that KMail is fit for such use case
That having been said, is there a way to force a reindex of themail directories in KMail, the way the disk itself is checked periodically when Linux is booted? Years ago on occasion KMail itself would throw an error saying it needed to do this, but I know of no way of invoking it manually.
I don't know how to reindex. What do you have under .trinity/share/apps/kmail/imap There is no disk check at boot AFAIK, except the system was not shut down properly (and this applies only to root partition).
ProtonMail is just a pass through, you may too many messages and there is a time out, or you have a firewall that breaks the connection or who knows what.
sorry
-- dep
Pictures: http://www.ipernity.com/doc/depscribe/album Column: https://ofb.biz/author/dep/
tde-users mailing list -- users@trinitydesktop.org To unsubscribe send an email to users-leave@trinitydesktop.org Web mail archive available at
https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@trinitydeskto...
said deloptes via tde-users:
| Time ago I looked into protonmail, but could not find a reason to use | it, although some friends are paying for the service. I doubt that KMail | is fit for such use case
Okay, thanks for your opinion on this.
| There is no disk check at boot AFAIK, except the system was not shut | down properly (and this applies only to root partition).
There is a disk check of course when a disk is not cleanly exited, but it applies to all drives/partitions, at least on my system. There is also an automatic check on boot when it hasn't been checked for a certain pariod of time or number of reboots. I believe that this is a setting that can be changed, though I've never found a need to change it from the defaults.
| ProtonMail is just a pass through, you may too many messages and there | is a time out, or you have a firewall that breaks the connection or who | knows what.
No, ProtonMail is a real, live cloud mail system. I would prefer that it behaved more like a normal mail system because I do not like or trust the cloud. And ProtonMail Bridge is a specific encryption/decryption program. And I got it working with KMail while it was still in beta and was definitely unsupported. Problem is that "improvements" in ProtonMail Bridge or Kmail or both in recent years seem to have nibbled away at their reliability. Though at the moment everything seems to have become fine, due to no effort on my part.
On 1/12/25 9:34 AM, dep via tde-users wrote:
I use ProtonMail. PrnotMail offers an application-filter thing called ProtonBridge; without it one is stuck with Proton's webmail, which is a pain for many reasons, not least that it's impossible to reply to a message at the bottom.
ProtonBridge is a fairly large thing that does the encryption/decryption of outgong/incoming messages respectively. Instead of having an actual address for the mail server, Bridge requires we use 127.0.0.1. and port 1143 for incoming and 1025 for outgoing. Fine so far.
Be very, very wary....
Protonmail is not accepted by my server and many others due to it routing mail though APNIC servers in PRC. Starting several years ago, I have an engineering company I host that found it could no longer receive mail from proton mail. A quick investigation showed it could no longer receive mails due to the protonmail server being blocked at the firewall. It was banned by fail2ban due to repeated illegal intrusion attempts from that same IP. (dovecot:auth failures)
I know I'm not the only one that now blocks protonmail IPs at the firewall. Just a guess, but given the distributed nature of the wonderful net, if kmail receives header information from an open IP, but the remainder of the message is blocked somewhere along the way at one of the hops close to your delivery point - I could see kmail being quite confused. The same distributed nature of the net should also provide an automatic re-route, but if it run into another block elsewhere I could see a problem like you describe. traceroute on the sender/server IP may turn up something (low probability, but worth doing)
Like I said this is a GUESS, but I can see this becoming a bigger issue as temporary bans come on/off IP addresses. I am seeing just over 1000 brute force attempts per-month (with hundreds of thousands of bad-actor IPs already blocked by ipset).
It may also be that protonbridge causes the mail header to be seen by kmail with some non-standard additions in it used by the web-mail UI that most current mail packages accept. The old "Internet Explorer" type adherence to standards applied to mail... It would be really interesting if you could pin down an error message (hopefully with debug info) from kmail that shows where kmail is unhappy. (and it may just be a corner-case issue that doesn't throw an error or exception).
I'll keep following this thread. I'm interested in what turns up and if it provides a way for me to loosen protonmail restrictions.
said David C. Rankin via tde-users:
| Be very, very wary....
I do not know what you're talking about here.
| Protonmail is not accepted by my server and many others due to it | routing mail though APNIC servers in PRC. Starting several years ago, I | have an engineering company I host that found it could no longer receive | mail from proton mail. A quick investigation showed it could no longer | receive mails due to the protonmail server being blocked at the | firewall. It was banned by fail2ban due to repeated illegal intrusion | attempts from that same IP. (dovecot:auth failures)
The next email I send over ProtonMail that is not accepted by a server will be the first.
On 1/14/25 6:58 AM, dep via tde-users wrote:
The next email I send over ProtonMail that is not accepted by a server will be the first.
That's good news. Maybe proton now uses country based virtual servers (as it should have done from the beginning). If you can, send a reply to me directly. That will give me the header info coming from proton instead of the TDE list.
Thanks.
said David C. Rankin via tde-users:
| Be very, very wary.... | | Protonmail is not accepted by my server and many others due to it | routing mail though APNIC servers in PRC. Starting several years ago, I | have an engineering company I host that found it could no longer receive | mail from proton mail. A quick investigation showed it could no longer | receive mails due to the protonmail server being blocked at the | firewall. It was banned by fail2ban due to repeated illegal intrusion | attempts from that same IP. (dovecot:auth failures) | | I know I'm not the only one that now blocks protonmail IPs at the | firewall. Just a guess, but given the distributed nature of the | wonderful net, if kmail receives header information from an open IP, but | the remainder of the message is blocked somewhere along the way at one | of the hops close to your delivery point - I could see kmail being quite | confused. The same distributed nature of the net should also provide an | automatic re-route, but if it run into another block elsewhere I could | see a problem like you describe. traceroute on the sender/server IP may | turn up something (low probability, but worth doing) | | Like I said this is a GUESS, but I can see this becoming a bigger issue | as temporary bans come on/off IP addresses. I am seeing just over 1000 | brute force attempts per-month (with hundreds of thousands of bad-actor | IPs already blocked by ipset). | | It may also be that protonbridge causes the mail header to be seen by | kmail with some non-standard additions in it used by the web-mail UI | that most current mail packages accept. The old "Internet Explorer" type | adherence to standards applied to mail... It would be really interesting | if you could pin down an error message (hopefully with debug info) from | kmail that shows where kmail is unhappy. (and it may just be a | corner-case issue that doesn't throw an error or exception). | | I'll keep following this thread. I'm interested in what turns up and if | it provides a way for me to loosen protonmail restrictions.
I've spent much of this morning along with others trying to figure out what you're talking about, there being no connection whatsoever between Proton and China. Here's the most likely explanation offered:
"No, it's likely just a person not being able to differentiate .ch (Confoederatio Helvetica) - Switzerland's top level domain, with .cn which is China's Top level domain."
dep via tde-users wrote:
"No, it's likely just a person not being able to differentiate .ch (Confoederatio Helvetica) - Switzerland's top level domain, with .cn which is China's Top level domain."
this is absolutely true - ProtonMail is located in Switzerland. Are you using their hosting service as well?
I do not think it is bad in itself, but just thinking that you are more secure makes you less secure.
The best way to get secure communication is to do it off-line. This means 1. use a device for encryption/decryption without internet connection 2. use a device for transfering messages with internet connection
Too many people died using same device for all shit in once. For 99.99% of the people this is absolutely an overkill. It is enough to use gpg and watch out what you write inside anyway.
BR
said deloptes via tde-users: | dep via tde-users wrote: | > "No, it's likely just a person not being able to differentiate .ch | > (Confoederatio Helvetica) - Switzerland's top level domain, with .cn | > which is China's Top level domain." | | this is absolutely true - ProtonMail is located in Switzerland.
Yes. I know. I've been a subscriber since the beta days. I posted the above in response to the person who went on here about ProtonMail being Chinese in some fashion and how it is being blocked, neitherof which is true. (Though some places block ProtonVPN and other VPNs. That is their right, as it is my right to respond by doing business with somebody else.)
I'm beginning to see why it can be a bad idea to trim the quotes. I foolishly assumed people answering the question would know what the question was. It was some strange interaction between my local KMail and my local ProtonMail Bridge. Which has been resolved, apparently, though I do not know if they fixed it in Switzerland or if my copying my ~/Mail directory fixed something that had gotten garbled.
| Are you using their hosting service as well?
What do you mean by hosting service? They're not my internet provider but instead a protection from my internet provider. To the best of my knowledge they do not offer hosting.
| I do not think it is bad in itself, but just thinking that you are more | secure makes you less secure.
That's not a very usefu thing to say, for a couple of reasons. First, it's like saying that locking the door makes it more likely there will be burglars. Second, one can assume secure communications only if you know the person on the other end is also on ProtonMail. That having been said, ProtonMail itself has never been cracked.
| The best way to get secure communication is to do it off-line. This | means 1. use a device for encryption/decryption without internet | connection 2. use a device for transfering messages with internet | connection
An interesting answer. I'll keep it in case that's ever a question I have.
| Too many people died using same device for all shit in once. | For 99.99% of the people this is absolutely an overkill. It is enough to | use gpg and watch out what you write inside anyway.
I'm glad you have found the answer for what you do. If what you're saying is play stupid games, win stupid prizes, you are right. If what you are saying is that people should carefully research the applications they trust to preserve their privacy, you are absolutely right. (If Meta owns it, for instance, you cannot trust it.) If you are saying to assume that practically everyone is an idiot when it comes to security and privacy, you are right.
dep via tde-users wrote:
| I do not think it is bad in itself, but just thinking that you are more | secure makes you less secure.
That's not a very usefu thing to say, for a couple of reasons. First, it's like saying that locking the door makes it more likely there will be burglars. Second, one can assume secure communications only if you know the person on the other end is also on ProtonMail. That having been said, ProtonMail itself has never been cracked.
the comparison is very good. Locking the door does not mean that someone would not break in. It is just a safety measure. and using a sophisticated lock provides more security, which does not mean, that someone can not break in. Even GPG can be cracked - it is just a matter of computation power. So what is the advantage of protonmail over GPG ... this is what I am trying to understand all the time.
| The best way to get secure communication is to do it off-line. This | means 1. use a device for encryption/decryption without internet | connection 2. use a device for transfering messages with internet | connection
An interesting answer. I'll keep it in case that's ever a question I have.
yes, keep in mind, that someone is reading your screen while you are typing or doing whatever you do (think on Pegasus).
| Too many people died using same device for all shit in once. | For 99.99% of the people this is absolutely an overkill. It is enough to | use gpg and watch out what you write inside anyway.
I'm glad you have found the answer for what you do. If what you're saying is play stupid games, win stupid prizes, you are right. If what you are saying is that people should carefully research the applications they trust to preserve their privacy, you are absolutely right. (If Meta owns it, for instance, you cannot trust it.) If you are saying to assume that practically everyone is an idiot when it comes to security and privacy, you are right.
No,no, I am serios and I am talking about real people, being really killed because they thought they use OTP apps on the phone with encryption: politicians, journalists, scientists etc. Cars are blowing up or being hacked and malfunction leading to deadly incidents. Last example comes to mind is the pagers accident in Lebanon. But avg people do not have to worry that much. The point is naive and stupid live shorter.
BR
-
David C. Rankin -
deloptes -
dep -
Michael Howard -
Thierry de Coulon