For many years, Rochelle used Netscape Communicator for her email. About a year and a half ago, I switched her to Mozilla Thunderbird, which is the code and user-interface successor to Communicator. For the most part it works very well, but it has one astonishing omission: its anti-virus capabilities are terrible.
This is all the more remarkable given their tagline (“Reclaim Your Inbox”), and the second sentence of their Why Use Thunderbird blurb: “We designed Thunderbird to prevent viruses and to stop junk mail so you can get back to reading your mail.” Thunderbird is positioned as the more user-centric, safer alternative to Microsoft Outlook.
For the most part, that’s well-deserved. Thunderbird isn’t riddled with security problems like Outlook, and it comes with built-in anti-spam features that are quite a bit more effective than those that are built into Outlook.
But the reality is that, even if your email client isn’t itself a security disaster waiting to happen, if you use Windows, you need anti-virus protection, because you’re definitely going to get viruses and worms and trojans in your Inbox, and once they’re in your Inbox, one wrong click and your computer is hosed. And it’s in dealing with these threats where Thunderbird falls down.
In the mozilla.org Thunderbird Help section, this is the only “useful” information about what to do about viruses:
As with any mail program, take proper caution before running any file that you receive in e-mail. Appropriate anti-virus software should also help keep you safer.
With a little more work, you might follow links to a third-party site with an anti-virus knowledgebase article that is by turns unusable, out of date, and a recommendation against Thunderbird. You definitely finish reading that article thinking that no major anti-virus software vendor supports Thunderbird — and you’d be right.
In Rochelle’s case, Norton Anti-Virus has corrupted her Thunderbird Inbox multiple times, causing her to lose all of her messages. (Fortunately she’s mostly using Gmail these days.) I’ve spent hours looking into this, and there is basically no good configuration for using Norton and Thunderbird together. (It does not help that Norton has a truly abysmal user interface.) I’d switch Rochelle to McAffee, except I can’t find good configuration information for that combination, either.
The worst part is the Thunderbird developers seem to take the attitude that the problem is the anti-virus software vendors’ fault. This defect was reported in 2001, and is still marked as open in their defect tracking system. After four years of end users losing email, I would think they might start to realize that they need to work with the commercial anti-virus software vendors to get compatibility.
Failing that, there are some pretty good Open Source anti-virus tools for Windows. How about incorporating one of those into Thunderbird? Or picking one to make the “official” anti-virus software to use with Thunderbird, and giving clear, complete directions for how to install and use it with Thunderbird? (I’ve read good things about ClamWin.)
I can understand the impulse to blame the anti-virus vendors for not working with Thunderbird. Technically, it is their fault. But from the perspective of a Thunderbird user, rather than developer, I just want Rochelle’s Inbox to be protected, both from incoming malware and from the scanners that do the protecting.
Right now, Thunderbird the product can’t provide that. From an end-user’s perspective, that’s Thunderbird’s fault.