12 Jan
2025
12 Jan
'25
3:34 p.m.
Greets, everybody . . .
I've hesitated to bring this up because I'm doing something that I think is
not supported by anyone involved. But maybe I'm just missing something
simple, so I thought I'd ask. I beg your forbearance, because the
explanation is long.
I use ProtonMail. PrnotMail offers an application-filter thing called
ProtonBridge; without it one is stuck with Proton's webmail, which is a
pain for many reasons, not least that it's impossible to reply to a
message at the bottom.
ProtonBridge is a fairly large thing that does the encryption/decryption of
outgong/incoming messages respectively. Instead of having an actual
address for the mail server, Bridge requires we use 127.0.0.1. and port
1143 for incoming and 1025 for outgoing. Fine so far.
The Bridge was released about five years ago. I set it up and it worked
just fine, allowing me to keep an email archive here on the local machine,
as well as otherwise use KMail as I have for lo, these many years.
Then a couple years ago things began to go pearshaped from time to time. I
would receive pop-up KMail errors that KMail could not mark the message as
read, couldn't write to the server. As I have mentioned before, it began
to get double listings for incoming messages, the first blank.
Making it maddening is that there's no consistency to it. Sometimes it
happens and sometimes it doesn't, in both cases. I keep my software up to
date, including TDE and ProtonBridge. I cannot point to the exact time it
began.
At about the same time, everytime I opened KMail I couldn't do anything
until it downloaded every message I had receiced since forever. I normally
read and respond to messages, then move them to the appropriate ones among
a miltitude of maildir directories I keep here, and for the longest time
that was the end of it, but there was a change that caused those messages
to be downloaded anew the next time I started KMail.
In that only Thunderbird is supported in Linux by ProtonBridge, I just
lived with it. Then, relatively recently, KMail began to crash. I've filed
the occasional KMail crash report -- btw, the crash report server needs to
renew its certificate. The crashes typically happen when KMail is running
minimized, which I customarily do so I don't have to d/l every email since
Genesis every time I use it.
I suspect it's some configuration thing with KMail that I have wrong -- not
that much to configure with the Bridge -- possibly a permissions issue or
something. What makes it all the more maddening is that it works most of
the time.
When a few days ago KMail threw the error that it couldn't write to te
server, I sent the report to Proton. As usual, they replied promptly. As
usual, the reply wasn't of much help, to wit:
"Currently, we are testing Bridge on Outlook, Apple Mail, and Thunderbird.
Other clients should also be compatible but we cannot guarantee that all
of the features will work properly, as this largely depends on the
implementation of the IMAP and SMTP protocols in that client.
"You read about this in detail on the link below:
https://proton.me/support/clients-supported-bridge "
I'd really like to sort this out, but I do not know enough about mail
handling to know even where to begin to look. I renamed my top-level mail
directory (~/Mail, created when I was using KDE-1.0 and with messages
going back that far) and letting it start anew, but there was no
improvement.
I shall continue to use ProtonMail and would very much like to continuing
to use KMail-Trinity. But I kinda hate this.
Anybody know the solution?
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
12 Jan
12 Jan
11:56 p.m.
On 12/01/2025 15:34, dep via tde-users wrote:
Greets, everybody . . .
I've hesitated to bring this up because I'm doing something that I think is
not supported by anyone involved. But maybe I'm just missing something
simple, so I thought I'd ask. I beg your forbearance, because the
explanation is long.
I have never ued ProtonMail but the symptoms you describe could well
occur with a dodgy underlying filesystem. Read/write, timestamp, access
permissions etc could all be related to a filesystem issue caused by
intermittent hardware issues.
You say you tried renaming the top-level directory, have you tried
moving it to a different disk?
Good luck.
--
Michael Howard.
13 Jan
13 Jan
12:23 a.m.
said Michael Howard via tde-users:
| On 12/01/2025 15:34, dep via tde-users wrote:
| > Greets, everybody . . .
| >
| > I've hesitated to bring this up because I'm doing something that I
| > think is not supported by anyone involved. But maybe I'm just missing
| > something simple, so I thought I'd ask. I beg your forbearance,
| > because the explanation is long.
|
| I have never ued ProtonMail but the symptoms you describe could well
| occur with a dodgy underlying filesystem. Read/write, timestamp, access
| permissions etc could all be related to a filesystem issue caused by
| intermittent hardware issues.
Thanks. No haven't moved it to a different drive. Did rename it back,
though, and in the process some of the writes to local disk got better, as
in my having moved 2500 messages to their appropriate subdirectories
without event.
(One probably unrelated issue that probably *is* due to KMail is that if I
click on a link in KMail it does not go to that link, it goes to
some /tmp/ file and never carries me to the linked site. I can, though,
copy the link and open it in the browser no problem.)
Am poking my way through this as methodically as I can. We'll see where it
leads.
Is there a way to force reindexing of all the messages in all the
subdirectories under ~/Mail?
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
4:40 a.m.
dep via tde-users wrote:
I shall continue to use ProtonMail and would very much
like to continuing
to use KMail-Trinity. But I kinda hate this.
Anybody know the solution?
Hard to say what could be the solution.
First of all never write directly to maildir folder and never delete or
change whatever there - let the client do this for you.
KMail-Trinity has some issues even without a bridge. I use it extensively
with IMAP and from time to time it crashes.
You have to distinguish the local maildir and the IMAP (incl. protonmail).
From what I read I understood you have an issue with your local mail - it
would be good if we could exclude one or the other.
The downloading of mails after crash could mean the index is broken (it
would also explain showing up two same messages)
12:43 p.m.
said deloptes via tde-users:
| dep via tde-users wrote:
| > I shall continue to use ProtonMail and would very much like to
| > continuing to use KMail-Trinity. But I kinda hate this.
| >
| > Anybody know the solution?
|
| Hard to say what could be the solution.
|
| First of all never write directly to maildir folder and never delete or
| change whatever there - let the client do this for you.
|
| KMail-Trinity has some issues even without a bridge. I use it
| extensively with IMAP and from time to time it crashes.
|
| You have to distinguish the local maildir and the IMAP (incl.
| protonmail).
|
| From what I read I understood you have an issue with your local mail -
| it would be good if we could exclude one or the other.
|
| The downloading of mails after crash could mean the index is broken (it
| would also explain showing up two same messages)
There's clearly something flaky at ProtonMail, too. If, for instance, I
mark all messages as read in my KMail inbox, they become UNread on my
other devices connected to ProtonMail.
That having been said, is there a way to force a reindex of themail
directories in KMail, the way the disk itself is checked periodically when
Linux is booted? Years ago on occasion KMail itself would throw an error
saying it needed to do this, but I know of no way of invoking it manually.
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
1:31 p.m.
On Monday 13 January 2025 13:43:24 dep via tde-users wrote:
That having been said, is there a way to force a
reindex of themail
directories in KMail, the way the disk itself is checked periodically when
Linux is booted? Years ago on occasion KMail itself would throw an error
saying it needed to do this, but I know of no way of invoking it manually.
I think that deleting the *.index and *.index.ids and *.index.sorted files in
~/.trinity/share/apps/kmail/mail should have this result.
I tried deleting these for just one of my directories and it worked: the index
is re-created.
Thierry
1:52 p.m.
said Thierry de Coulon via tde-users:
| On Monday 13 January 2025 13:43:24 dep via tde-users wrote:
| > That having been said, is there a way to force a reindex of themail
| > directories in KMail, the way the disk itself is checked periodically
| > when Linux is booted? Years ago on occasion KMail itself would throw
| > an error saying it needed to do this, but I know of no way of invoking
| > it manually.
|
| I think that deleting the *.index and *.index.ids and *.index.sorted
| files in ~/.trinity/share/apps/kmail/mail should have this result.
|
| I tried deleting these for just one of my directories and it worked: the
| index is re-created.
Thank you. Though I believe the indices are located in my ~/Mail directory,
not up in the hidden configuration files. (I agree with whomever it was
who said it's nuts to put the actual mail itself up among the config
files. Apparently it wasn't always that way, in that my mail directory is
down among user files because it inherited it from KDE-1.x days. lot of
stuff that has been here for 25 years or more.)
Strangely, since I complained about it, KMail and ProtonMail/Bridge have
been playing nicely together. So it could be that the people at Proton
took a look and saw something and fixed it.So for now I'm going to keep my
fingers crossed rather than experiment.
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
3:36 p.m.
On Monday 13 January 2025 14:52:31 dep via tde-users wrote:
Thank you. Though I believe the indices are located in
my ~/Mail directory,
Yes, I think I remember it was so in KDE (1?,2?,3?), don't remember why and
when it changed. Anyway my kmail directory is actually a symlink to some
other location, so where it links is not very relevant...
1:40 p.m.
dep via tde-users wrote:
said deloptes via tde-users:
| dep via tde-users wrote:
| > I shall continue to use ProtonMail and would very much like to
| > continuing to use KMail-Trinity. But I kinda hate this.
| >
| > Anybody know the solution?
|
| Hard to say what could be the solution.
|
| First of all never write directly to maildir folder and never delete or
| change whatever there - let the client do this for you.
|
| KMail-Trinity has some issues even without a bridge. I use it
| extensively with IMAP and from time to time it crashes.
|
| You have to distinguish the local maildir and the IMAP (incl.
| protonmail).
|
| From what I read I understood you have an issue with your local mail -
| it would be good if we could exclude one or the other.
|
| The downloading of mails after crash could mean the index is broken (it
| would also explain showing up two same messages)
There's clearly something flaky at ProtonMail, too. If, for instance, I
mark all messages as read in my KMail inbox, they become UNread on my
other devices connected to ProtonMail.
Time ago I looked into protonmail, but could not find a reason to use it,
although some friends are paying for the service. I doubt that KMail is fit
for such use case
That having been said, is there a way to force a
reindex of themail
directories in KMail, the way the disk itself is checked periodically when
Linux is booted? Years ago on occasion KMail itself would throw an error
saying it needed to do this, but I know of no way of invoking it manually.
I don't know how to reindex.
What do you have under .trinity/share/apps/kmail/imap
There is no disk check at boot AFAIK, except the system was not shut down
properly (and this applies only to root partition).
ProtonMail is just a pass through, you may too many messages and there is a
time out, or you have a firewall that breaks the connection or who knows
what.
sorry
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
____________________________________________________
tde-users mailing list -- users(a)trinitydesktop.org
To unsubscribe send an email to users-leave(a)trinitydesktop.org
Web mail archive available at
https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@trinitydeskt…
2:02 p.m.
said deloptes via tde-users:
| Time ago I looked into protonmail, but could not find a reason to use
| it, although some friends are paying for the service. I doubt that KMail
| is fit for such use case
Okay, thanks for your opinion on this.
| There is no disk check at boot AFAIK, except the system was not shut
| down properly (and this applies only to root partition).
There is a disk check of course when a disk is not cleanly exited, but it
applies to all drives/partitions, at least on my system. There is also an
automatic check on boot when it hasn't been checked for a certain pariod
of time or number of reboots. I believe that this is a setting that can be
changed, though I've never found a need to change it from the defaults.
| ProtonMail is just a pass through, you may too many messages and there
| is a time out, or you have a firewall that breaks the connection or who
| knows what.
No, ProtonMail is a real, live cloud mail system. I would prefer that it
behaved more like a normal mail system because I do not like or trust the
cloud. And ProtonMail Bridge is a specific encryption/decryption program.
And I got it working with KMail while it was still in beta and was
definitely unsupported. Problem is that "improvements" in ProtonMail
Bridge or Kmail or both in recent years seem to have nibbled away at their
reliability. Though at the moment everything seems to have become fine,
due to no effort on my part.
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
14 Jan
14 Jan
2:30 a.m.
On 1/12/25 9:34 AM, dep via tde-users wrote:
I use ProtonMail. PrnotMail offers an
application-filter thing called
ProtonBridge; without it one is stuck with Proton's webmail, which is a
pain for many reasons, not least that it's impossible to reply to a
message at the bottom.
ProtonBridge is a fairly large thing that does the encryption/decryption of
outgong/incoming messages respectively. Instead of having an actual
address for the mail server, Bridge requires we use 127.0.0.1. and port
1143 for incoming and 1025 for outgoing. Fine so far.
Be very, very wary....
Protonmail is not accepted by my server and many others due to it routing mail
though APNIC servers in PRC. Starting several years ago, I have an engineering
company I host that found it could no longer receive mail from proton mail. A
quick investigation showed it could no longer receive mails due to the
protonmail server being blocked at the firewall. It was banned by fail2ban due
to repeated illegal intrusion attempts from that same IP. (dovecot:auth failures)
I know I'm not the only one that now blocks protonmail IPs at the firewall.
Just a guess, but given the distributed nature of the wonderful net, if kmail
receives header information from an open IP, but the remainder of the message
is blocked somewhere along the way at one of the hops close to your delivery
point - I could see kmail being quite confused. The same distributed nature of
the net should also provide an automatic re-route, but if it run into another
block elsewhere I could see a problem like you describe. traceroute on the
sender/server IP may turn up something (low probability, but worth doing)
Like I said this is a GUESS, but I can see this becoming a bigger issue as
temporary bans come on/off IP addresses. I am seeing just over 1000 brute
force attempts per-month (with hundreds of thousands of bad-actor IPs already
blocked by ipset).
It may also be that protonbridge causes the mail header to be seen by kmail
with some non-standard additions in it used by the web-mail UI that most
current mail packages accept. The old "Internet Explorer" type adherence to
standards applied to mail... It would be really interesting if you could pin
down an error message (hopefully with debug info) from kmail that shows where
kmail is unhappy. (and it may just be a corner-case issue that doesn't throw
an error or exception).
I'll keep following this thread. I'm interested in what turns up and if it
provides a way for me to loosen protonmail restrictions.
--
David C. Rankin, J.D.,P.E.
12:58 p.m.
said David C. Rankin via tde-users:
| Be very, very wary....
I do not know what you're talking about here.
| Protonmail is not accepted by my server and many others due to it
| routing mail though APNIC servers in PRC. Starting several years ago, I
| have an engineering company I host that found it could no longer receive
| mail from proton mail. A quick investigation showed it could no longer
| receive mails due to the protonmail server being blocked at the
| firewall. It was banned by fail2ban due to repeated illegal intrusion
| attempts from that same IP. (dovecot:auth failures)
The next email I send over ProtonMail that is not accepted by a server will
be the first.
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
15 Jan
15 Jan
1:30 p.m.
On 1/14/25 6:58 AM, dep via tde-users wrote:
The next email I send over ProtonMail that is not
accepted by a server will
be the first.
That's good news. Maybe proton now uses country based virtual servers (as it
should have done from the beginning). If you can, send a reply to me directly.
That will give me the header info coming from proton instead of the TDE list.
Thanks.
--
David C. Rankin, J.D.,P.E.
14 Jan
14 Jan
2:49 p.m.
said David C. Rankin via tde-users:
| Be very, very wary....
|
| Protonmail is not accepted by my server and many others due to it
| routing mail though APNIC servers in PRC. Starting several years ago, I
| have an engineering company I host that found it could no longer receive
| mail from proton mail. A quick investigation showed it could no longer
| receive mails due to the protonmail server being blocked at the
| firewall. It was banned by fail2ban due to repeated illegal intrusion
| attempts from that same IP. (dovecot:auth failures)
|
| I know I'm not the only one that now blocks protonmail IPs at the
| firewall. Just a guess, but given the distributed nature of the
| wonderful net, if kmail receives header information from an open IP, but
| the remainder of the message is blocked somewhere along the way at one
| of the hops close to your delivery point - I could see kmail being quite
| confused. The same distributed nature of the net should also provide an
| automatic re-route, but if it run into another block elsewhere I could
| see a problem like you describe. traceroute on the sender/server IP may
| turn up something (low probability, but worth doing)
|
| Like I said this is a GUESS, but I can see this becoming a bigger issue
| as temporary bans come on/off IP addresses. I am seeing just over 1000
| brute force attempts per-month (with hundreds of thousands of bad-actor
| IPs already blocked by ipset).
|
| It may also be that protonbridge causes the mail header to be seen by
| kmail with some non-standard additions in it used by the web-mail UI
| that most current mail packages accept. The old "Internet Explorer" type
| adherence to standards applied to mail... It would be really interesting
| if you could pin down an error message (hopefully with debug info) from
| kmail that shows where kmail is unhappy. (and it may just be a
| corner-case issue that doesn't throw an error or exception).
|
| I'll keep following this thread. I'm interested in what turns up and if
| it provides a way for me to loosen protonmail restrictions.
I've spent much of this morning along with others trying to figure out what
you're talking about, there being no connection whatsoever between Proton
and China. Here's the most likely explanation offered:
"No, it's likely just a person not being able to differentiate .ch
(Confoederatio Helvetica) - Switzerland's top level domain, with .cn which
is China's Top level domain."
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
7:31 p.m.
dep via tde-users wrote:
"No, it's likely just a person not being able
to differentiate .ch
(Confoederatio Helvetica) - Switzerland's top level domain, with .cn which
is China's Top level domain."
this is absolutely true - ProtonMail is located in Switzerland.
Are you using their hosting service as well?
I do not think it is bad in itself, but just thinking that you are more
secure makes you less secure.
The best way to get secure communication is to do it off-line. This means
1. use a device for encryption/decryption without internet connection
2. use a device for transfering messages with internet connection
Too many people died using same device for all shit in once.
For 99.99% of the people this is absolutely an overkill. It is enough to use
gpg and watch out what you write inside anyway.
BR
9:35 p.m.
said deloptes via tde-users:
| dep via tde-users wrote:
| > "No, it's likely just a person not being able to differentiate .ch
| > (Confoederatio Helvetica) - Switzerland's top level domain, with .cn
| > which is China's Top level domain."
|
| this is absolutely true - ProtonMail is located in Switzerland.
Yes. I know. I've been a subscriber since the beta days. I posted the above
in response to the person who went on here about ProtonMail being Chinese
in some fashion and how it is being blocked, neitherof which is true.
(Though some places block ProtonVPN and other VPNs. That is their right,
as it is my right to respond by doing business with somebody else.)
I'm beginning to see why it can be a bad idea to trim the quotes. I
foolishly assumed people answering the question would know what the
question was. It was some strange interaction between my local KMail and
my local ProtonMail Bridge. Which has been resolved, apparently, though I
do not know if they fixed it in Switzerland or if my copying my ~/Mail
directory fixed something that had gotten garbled.
| Are you using their hosting service as well?
What do you mean by hosting service? They're not my internet provider but
instead a protection from my internet provider. To the best of my
knowledge they do not offer hosting.
| I do not think it is bad in itself, but just thinking that you are more
| secure makes you less secure.
That's not a very usefu thing to say, for a couple of reasons. First, it's
like saying that locking the door makes it more likely there will be
burglars. Second, one can assume secure communications only if you know
the person on the other end is also on ProtonMail. That having been said,
ProtonMail itself has never been cracked.
| The best way to get secure communication is to do it off-line. This
| means 1. use a device for encryption/decryption without internet
| connection 2. use a device for transfering messages with internet
| connection
An interesting answer. I'll keep it in case that's ever a question I have.
| Too many people died using same device for all shit in once.
| For 99.99% of the people this is absolutely an overkill. It is enough to
| use gpg and watch out what you write inside anyway.
I'm glad you have found the answer for what you do. If what you're saying
is play stupid games, win stupid prizes, you are right. If what you are
saying is that people should carefully research the applications they
trust to preserve their privacy, you are absolutely right. (If Meta owns
it, for instance, you cannot trust it.) If you are saying to assume that
practically everyone is an idiot when it comes to security and privacy,
you are right.
--
dep
Pictures: http://www.ipernity.com/doc/depscribe/album
Column: https://ofb.biz/author/dep/
10:26 p.m.
dep via tde-users wrote:
| I do not think it is bad in itself, but just
thinking that you are more
| secure makes you less secure.
That's not a very usefu thing to say, for a couple of reasons. First, it's
like saying that locking the door makes it more likely there will be
burglars. Second, one can assume secure communications only if you know
the person on the other end is also on ProtonMail. That having been said,
ProtonMail itself has never been cracked.
the comparison is very good. Locking the door does not mean that someone
would not break in. It is just a safety measure. and using a sophisticated
lock provides more security, which does not mean, that someone can not
break in. Even GPG can be cracked - it is just a matter of computation
power. So what is the advantage of protonmail over GPG ... this is what I
am trying to understand all the time.
| The best way to get secure communication is to do it
off-line. This
| means 1. use a device for encryption/decryption without internet
| connection 2. use a device for transfering messages with internet
| connection
An interesting answer. I'll keep it in case that's ever a question I have.
yes, keep in mind, that someone is reading your screen while you are typing
or doing whatever you do (think on Pegasus).
| Too many people died using same device for all shit in once.
| For 99.99% of the people this is absolutely an overkill. It is enough to
| use gpg and watch out what you write inside anyway.
I'm glad you have found the answer for what you do. If what you're saying
is play stupid games, win stupid prizes, you are right. If what you are
saying is that people should carefully research the applications they
trust to preserve their privacy, you are absolutely right. (If Meta owns
it, for instance, you cannot trust it.) If you are saying to assume that
practically everyone is an idiot when it comes to security and privacy,
you are right.
No,no, I am serios and I am talking about real people, being really killed
because they thought they use OTP apps on the phone with encryption:
politicians, journalists, scientists etc. Cars are blowing up or being
hacked and malfunction leading to deadly incidents. Last example comes to
mind is the pagers accident in Lebanon. But avg people do not have to worry
that much. The point is naive and stupid live shorter.
BR
5
days inactive
8
days old
16 comments
5 participants
participants (5)
-
David C. Rankin -
deloptes -
dep -
Michael Howard -
Thierry de Coulon