1
1
Some time ago I downloaded a portable version of Mozilla Thunderbird email client form
Today I looked at its TCP connections:
23.52.27.27 a23-52-27-27.deploy.static.akamaitechnologies.com Akamai Technologies, Hamburg, Germany
api.opencandy.com
Does this mean that Thunderbird Portable contains spyware/adware?
What utility are you using to view TCP connections? And how do you know that these connections are actually being made from Thunderbird? – misha256 – 2017-04-09T20:54:48.287
I updated the question. – and his dog – 2017-04-09T21:19:54.947
Can you check if the connections are being made only when you open/view certain emails? I could be wrong but my feeling is that some emails you are opening/viewing may contain embedded content (e.g. images) that Thunderbird must download from the servers you mention. On my end I use Outlook 2013 and, by default, it blocks this kind of content unless you allow it. Maybe Thunderbird has a similar option? – misha256 – 2017-04-09T21:29:27.523
Yes, indeed Thunderbird has such an option and it is enabled. The program is not allowed to download remote content without my express consent. Moreover, it does not load the body of a letter automatically, it requires a click, and yet it connects to those IPs right after I start the program, before I open any emails. – and his dog – 2017-04-09T21:42:39.093