Mozilla has released Thunderbird version 145 of its widely adopted free and open-source desktop email client, now available for download.
One of the most notable additions is that the app now supports Exchange Web Services natively. This long-awaited feature simplifies the connection to corporate email systems, eliminating the need for third-party extensions. The update also allows manual configuration of EWS accounts directly within the Account Hub.
Another notable addition is the support for DNS-over-HTTPS, a modern DNS mechanism that encrypts DNS queries, preventing potential eavesdropping or manipulation by intermediaries.
The Account Hub, the new centralized interface for adding, managing, and configuring email and other communication accounts within Thunderbird, introduces manual email configuration options in this version and enhances accessibility with improved narration for error notifications and close buttons.
Additionally, several bugs affecting Exchange authentication, address book behavior, and visual overlays have been fixed. And now, something important: Thunderbird 145 discontinues 32-bit Linux x86 binaries, aligning the project with modern 64-bit computing standards.
Moreover, the term “Junk” has been replaced with “Spam” across the interface for consistency with other mail clients. The update also retires Skype integration from the Address Book’s instant messaging options.
Apart from that, Thunderbird 145 addresses a wide range of issues, from message handling to accessibility. Key fixes include:
- Visual polish and usability tweaks throughout the interface.
- “Save All” attachments now display a warning before overwriting files.
- Resolved repeated message header downloads on startup.
- Drag-and-drop for ICS files now works in the Today Pane.
- External GnuPG configuration prompts users correctly for public key imports.
- The Menu Bar now remains visible after upgrading.
Lastly, it’s worth noting that the Account Hub now correctly creates “Sent” and “Spam” folders for new IMAP accounts, and authentication issues affecting some Yahoo backend users have been resolved.
For more information, see the announcement. Thunderbird 145 is available as a direct download from thunderbird.net.
DNS-over-HTTPS does not prevent potential eavesdropping or manipulation by intermediaries. It centralizes eavesdropping, manipulation, and adds more control for an adversary.
Of course it would be good to have encrypted DNS traffice. But DNS-over-HTTPS is not a solution, nor is DNS-over-TLS.
The basic problem is that most people use the DNS server provided by the ISP instead of operating their own local DNS server with proper configuration (avoiding a central DNS server). Operating and using your own DNS server is really simple. Just do not use any forwarders.
Besides, there is still the issue of control over the DNS root servers. But at least we have alternative root servers available. DNS-over-HTTPS would not give you that freedom.
And then there is always the possibility that a rogue ISP may intercept and manipulate all DNS traffic, in particular if you live under a totalitarian regime.
The bottom line is that if you just send DNS requests to a forwarder, then encryption makes no difference. You simply replace one central eavesdropping by another one.