Autoconfig

Greetings,

I am struggling with Thunderbird’s “autoconfig” feature (the one that is for the same purpose as MS Outlook’s “autodiscover” feature, but each has different specs, of course).

Following the documentation on…

(Author: Ben Bucksch; last modified Aug 30, 2019)

…I created a CNAME record for autoconfig.test.xy, pointing to the hostname of my server (where autoconfig-XML is enabled under both http and https).

Because I do not want to

  • create an autoconfig.-webserver directly for test.xy

  • have a certificate issued and included (for https)

  • take care of other equipment and configuration there

  • do the same in the future again for test2.xy, test3.xy etc etc etc.

And for the same reason I do not want what the specs on MDN suggest as “Version without an autoconfig DNS Entry”. That would still not save me from getting a certificate for the test domains (the owners of them might want certificates from a different CA, and/or there are restrictions caused by the server equipment - like no SNI on mail services but at the same time no individual IP addresses per domain, or no http service enabled and therefore no Let’s Encrypt certificate applicable).

So, it’s better to have one single autoconfig host commonly in charge of all domains. And what the specs published on MDN say about CNAME matches exactly that idea (at the bottom of section “Mechanisms” there is a notice that SRV perhaps one day could equally work).

But TB (tested and found here with v60.9.1 due to particular addons not yet available for newer TB) does not look up the XML URL (following the pattern described in the same section but with the hostname published in the CNAME RR instead of autoconfig.test.xy).

Instead TB says to its user, typical server names and username must be tried.

The hostname’s access log does not show any logged request from the account creation attempt in thunderbird.

While if I request the XML URL over Firefox, there is a type 200 response with the required XML content.

I consider the CNAME to be published successfully in the nameserver which I think Thunderbird would look up (doing an nslookup to autoconfig.test.xy returns the server’s hostname as expected).

There is no http-to-https-redirection on the webserver with the hostname - which could contribute to a request interruption, theoretically.

Without having the ability to check the nameserver’s log I would now assume that TB (60.9.1) does not follow Mozilla’s own specs about the CNAME.

This conclusion is strengthened by checking the specs’ section “Mechanisms”, where the CNAME method is neither described in the unordered list nor in the numbered list.

If anyone can confirm my conclusion, then I propose not only to rework the published specs but also to provide any mechanism that saves users from the above-listed domain-specific equipment and work to make autoconfig “run”, be it the CNAME method or an Outlook-styled SRV method.

Else, where may the bug be?
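
An added example, not part of the original post and not Thunderbird's code: it models what an HTTP client presents to the server when autoconfig.test.xy is a CNAME, so the server side can be checked against it. Assumptions: the URL pattern is the one from the Mozilla autoconfig documentation the post refers to, mail.host.example is a constructed stand-in for the server's hostname, and all function names are hypothetical.

```python
from urllib.parse import urlsplit

def autoconfig_urls(email):
    """URLs a client derives from the mail address (pattern assumed from the docs)."""
    domain = email.rsplit("@", 1)[1].lower()
    path = "/mail/config-v1.1.xml?emailaddress=" + email
    return [f"{scheme}://autoconfig.{domain}{path}" for scheme in ("https", "http")]

def name_matches(pattern, host):
    """Exact match, or a certificate-style wildcard covering one left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def check(url, cname_target, vhost_names, cert_sans):
    """Describe the request as the server sees it.

    A CNAME only changes which machine is contacted. The Host header, the
    TLS SNI name and the name verified against the certificate all remain
    the hostname written in the URL.
    """
    host = urlsplit(url).hostname
    result = {
        "connects_to": cname_target,
        "host_header": host,
        # False: typically the server's default virtual host answers,
        # and the request is logged there, not under the server's own name.
        "named_vhost": any(name_matches(n, host) for n in vhost_names),
    }
    if url.startswith("https://"):
        result["sni"] = host
        result["cert_ok"] = any(name_matches(s, host) for s in cert_sans)
    return result

if __name__ == "__main__":
    # Constructed sample: server only knows its own name and certificate.
    for url in autoconfig_urls("user@test.xy"):
        print(url)
        print("  ", check(url, "mail.host.example",
                          ["mail.host.example"], ["mail.host.example"]))
```

With these sample values the HTTPS variant fails certificate validation and neither variant reaches the virtual host named after the server, so checking the default virtual host's access log for `Host: autoconfig.test.xy` is a useful first step.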