Thunderbird in VeraCrypt & Rule Funk

I’ve been using Mozilla Thunderbird since v0.5 and I forgot exactly when I began using Haller’s portable version in a TruCrypt container - a looooong time. (Currently I run TB 38.7.2 in a 1GB VeraCrypt 1.19.4 container with Twofish/Serpent, HMAC_Whirlpool and a 4-digit volume iterations multiplier.) POP3 on secure ports to my one ISP account is its only purpose over the years, both professionally and personal on my “no-gaming production” i7-3770/Z77 Win7 HP SP1 x64 system. The mail in this profile dates back to Outlook Express in Windows 95 and some Outlook PSTs.

I’ve supported enterprise email and messaging in Widows, Novell and Unix. And firewalls.

I had been using GW Free with a 3 PC license Bitdefender Internet Security 2015, 2016 and 2107.

I now run recently licensed GW Pro on one Windows 10 and two 7 systems (and Basic on another 10 system) as I’ve abandoned BD. So, it’s all-out Windows Firewall for the first time in ages; Comodo, Online Armor, Sunbelt and Malware Defender having been favorites.

Here’s the glitch now: every time I run TB I have to make sure I delete its rule under the GW Firewall tab.

If I don’t, I can’t retrieve; the client stalls at “checking messages.” There is no connection to the ISP (monitored with Nirsoft CurrPorts).

So, the routine is… Open TB, hit “Get Messages” in TB, hit GW Allow, hit “Get Messages” again, note the “First network activity,” do email, close TB, delete the GW rule.

If I forget to delete the rule, I’m reminded I brain locked the last time and close TB, delete the rule and open TB again.

It seems that GW is confused by the TB executable from each new VeraCrypt session.

Other than your @{Glasswire.application} for TB there is no other rule(s) for it in WFW Advanced Security.

As I use Pop Peeper to monitor this POP3 ISP account and six other Web accounts, I don’t need TB more than once or twice a day (if that). It’s an annoyance I can live with.

The purpose of this posting is to inquire if you developers have noted this behavior and if so if there is a workaround or fix? Any ideas?

Other than that, Glasswire rocks. Couldn’t think of webbuhnetzin’ without it. Cheers.


Thanks for using GlassWire!

Your scenario is a bit complicated and I haven’t heard or tested anything similar before so I’m not really sure what to recommend. I will discuss your situation with our team and see if they have tried anything like this and if they have any suggestions.

If you think it could be a bug with GlassWire you could try uninstalling it, then going to your Windows Firewall settings and choosing “restore defaults” then reboot, then reinstall our latest GlassWire version with the clean option and see if it properly keeps the rules. If it does not then it must be related to the changing encryption somehow.

Update: I found I don’t need to do the “So, the routine is…” as I described above.

Prior to running TB, I just change the Firewall status from “Ask To Connect” to “Click to block.” When done with TB, return to “Ask To Connect.”


My setup is related: I have certain software (Putty, FileZIlla, and more) on an encrypted VeraCrypt/TrueCrypt volume.

As the volume is mounted after login, it is also AFTER the Windows Firewall is initialized.
As far as I was informed in the Microsoft forums, a rule is ignored if the program does not exist when the firewall starts.

It is suggested (and maybe GlassWire could offer a feature for that) that a restart of the firewall service can solve this without the need to remove/readd the rule again.