We’re back with our Monthly Release recap! Thunderbird 144.0 readies the way for Exchange Web Services support, makes reordering your folders easier, and adds a new UI for TLS certificate handling. Additionally, we’ve fixed a dark mode toggle bug for High Contrast Mode users.
A quick reminder – these updates are for users on our monthly Thunderbird Release channel. For our users still on the ESR (Extended Standard Release) channel, these updates won’t land until next July 2026. For more information on the differences between the channels and how to make the switch:
Support for Exchange Web Service (EWS) Email in Account Hub
As part of our preparation for EWS support officially landing next month in Thunderbird 145.0, you’ll notice EWS accounts as an option in the Account Hub. We will have more detailed blog posts and support articles available next month describing what is and isn’t supported.
Benefits:
This gives us a chance to gradually ready the app and users for our newest protocol
We recently introduced drag and drop folder reordering, and in 144, we’re making it better. A new widget shows where your folder is going. We also fixed an issue that prevented the visual from showing. We removed the jitters when positioning between folders, and Improved consistency by using the same indicator used to reorder tabs and attachments.
Benefits:
More control over drag-and- performance with fewer folders going to the wrong location
More visual consistency
New UI for TLS Certificate Handling
While power users might be comfortable handling TLS certificates, average Thunderbird users might not know what to do when Thunderbird doesn’t trust a server’s certificate. This UI makes these issues, when they occur, harder to ignore and easier to diagnose and fix, even for less tech-savvy users.
The new UI will mark the server red, with a clickable icon that takes users to an updated server settings. There, users can view certificates and add or remove certificate override exceptions.
Benefits:
Increased security for the average Thunderbird user
Easier access, via the server settings, to certificate actions
Bug Fixes:
Dark mode won’t go away for messages in High Contrast Mode
Our High Contrast Mode users noticed the new toggle for messages in dark mode wasn’t appearing. Starting in Thunderbird 144, dark message mode will not be activated when in High Contrast mode, respecting the colors and priority of that accessibility setting.
Benefits:
Consistent use of system colors when in High Contrast Mode
More respectful of user settings
You can find a complete list of updates and bug fixes that went into Thunderbird 144.0 in our Release Notes.
Thank you for using Thunderbird and for supporting our mission to bring a truly independent, open‑source email experience. Your feedback and enthusiasm drive every improvement we make — and we can’t wait to share more with you in the next release.
Hello again from the Thunderbird development team! This month’s sprints have been about focus and follow-through, as we’ve tightened up our new Account Hub experience and continued the deep work on Exchange Web Services (EWS) support. While those two areas have taken centre stage, we’ve also been busy adapting to a wave of upstream platform changes that demanded careful attention to keep everything stable and our continuous integration systems happy. Alongside this, our developers have been lending extra support to the Services team to ensure a smooth path for upcoming releases. It’s been a month of steady, detail-oriented progress – the kind that doesn’t always make headlines, but lays the groundwork for the next leaps forward.
Exchange Web Services support announcement for 145
While support for Microsoft Exchange via EWS landed in Thunderbird 144, the new “Account Hub” setup interface had a few outstanding priorities which required our attention. Considering that the announcement of EWS support will likely generate a large spike in secondary account additions, we felt it important enough to delay the announcement in order to polish the setup interface and make the experience better for the users taking advantage of the new features. The team working on the “back end” took the opportunity to deliver more features that had been in our backlog and address some bugs that were reported by users who are already using EWS on Beta and Daily:
Offline message policy
Soft delete / copy to Trash
Empty Trash
Notifications with message preview
Reply-to multiple recipients bug
Mark Folder as read
Experimental tenant-specific configuration options (behind a preference) now being tested with early adopters
Looking ahead, the team is already focused on our work week where we’ll have chance to put plans in place to tackle some architectural refactoring and the next major milestones in our EWS implementation for Calendar and Address Book.
We were also delighted to work with a community contributor who has been hard at work on adding support for the FindItem operation. We know some of our workflows are tricky so we very much appreciate the support and patience required!
We’ve now added the ability to manually edit any configuration from the first screen. This effectively bypasses the simpler detection methods which don’t work for every configuration. Upon detection failure, a user is now able to switch between protocols and choose EWS configuration.
Other notable items being rolled into 145 are:
Redirect warning and handling to prevent a hang for platforms using autodiscover on a 3rd party server
Authentication step added for Exchange discovery requiring credentials
Ability to cancel the account configuration detection process
Improvements to the experience for users with screen reading technology
The creation of address books through the Account Hub is now the experience by default on 145 which is coming to Beta release users this week and monthly Release users before I write next.
With the front end team mainly focused on Account Hub, the Calendar UI project has moved slowly this past month. We’ve concentrated the continued work in the following areas:
Acceptance widget
Title and close button
Dialog repositioning on resize
Migrating calendar strings from legacy .dtd files into modern .ftl files and preserving translations to avoid repeat work for our translation community.
Maintenance, Upstream adaptations, Recent Features and Fixes
With our focused maintenance sprint over, the team kept the Fluent Migration and moz-src migration projects moving in the background. They also handled another surge of upstream changes requiring triage. In addition to these items, the development community has helped us deliver a variety of improvements over the past month:
If you would like to see new features as they land, and help us find some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
This week Microsoft released the final free monthly update to Windows 10. While this marks the end of support from Microsoft, Firefox will continue to support Windows 10 for the foreseeable future.
If you remain on Windows 10, you will continue to get the same updates to Firefox you do today, with all of our latest feature improvements and bug fixes. This includes our commitment to resolve security vulnerabilities as rapidly as we can, sometimes in less than 24 hours, with special security updates. Windows 10 remains a primary platform for Firefox users. Unlike older versions of Windows like Windows 7 and 8, where Mozilla is only offering security updates to Firefox, Windows 10 will get the latest and greatest features and bug fixes just like users on Windows 11.
Should you upgrade to Windows 11?
While Mozilla will continue to deliver the latest updates to Firefox on Windows 10, security online also requires continued updates from Microsoft to Windows 10 itself, and to the many other software and devices that you use on your Windows 10 computer. That’s why we recommend upgrading to Windows 11 if your computer supports it. You can find out if your PC can run Windows 11 and upgrade to it for free from your Windows update settings. With this option, when you start up Windows 11 for the first time you’ll find that Firefox is still installed, and all of your data and settings are just like you left them.
If your computer cannot run Windows 11, or you wish to remain on Windows 10 for other reasons, your next best option is to make sure you’re getting “extended security updates” from Microsoft. While these updates won’t deliver new Windows features or non-security bug fixes, they will fix security vulnerabilities that are found in Windows 10 in the future. You should see an option to “enroll” in these updates in your Windows update settings, and if you choose the “Windows Backup” option you’ll get the updates for free. Microsoft has more information on Windows 10 extended security updates if you have other questions.
Preparing for a device upgrade or new PC
If you get a new Windows 11 PC you might be surprised to see that even if you used Windows Backup, non-Microsoft apps like Firefox haven’t migrated with you. You will typically get a link in your start menu or on your desktop to re-install Firefox, and after it’s installed you’ll find that everything is “fresh” — without your bookmarks, saved passwords, browsing history, or any of your other data and settings.
This can be frustrating, but we do have a solution for you if you prepare in advance and back up your data using Firefox sync through a Mozilla account. To get started with sync, just choose “sign in” from the Firefox toolbar or menu, and we’ll walk you through the quick process of creating a Mozilla account and enabling sync.
Firefox sync helps transfer your data securely
Sync isn’t just for people who have Firefox running on more than one computer. It’s also a safe way to back up your data and protect yourself against a lost laptop, a computer that breaks down or is damaged, or your own excited forgetfulness if you get rid of your old PC the moment you get a new one. And what many Firefox users may not realize is that Firefox sync is “end-to-end encrypted,” which is a fancy way of saying that not even Mozilla can read your data. Without your password, which we don’t know, your data is an indecipherable scramble even to us. But it’s safe on our servers nonetheless, which means that if you find yourself with a new PC and a “fresh” Firefox, all you need to do is log in and all your bookmarks, passwords, history and more will quickly load in.
Meanwhile, you can also rest assured that if you continue to use Firefox on Windows 10 over the next few years, we’ll let you know through messages in Firefox if there is new information about staying secure and whether our stance regarding our support for Windows 10 needs to change.
Thanks for using Firefox, and know that you can always reach us at Mozilla Connect. We’re eager for your feedback and questions.
What would your browser history say about you? Whether you were getting things done this week or just collecting tabs, a new Firefox extension helps you reflect on your digital habits.
Designed as a personal productivity tool, Fox Recap is a capstone project from a group of college seniors at California State University, Monterey Bay. It categorizes your browsing history, shows how much time you’re spending on different sites, and turns that data into simple visual reports. Everything happens locally on your device, so your information stays private.
How Fox Recap works
Once you download and open the extension on Firefox for desktop, click on settings and grant permission to run the ML engine. From there, you can choose to view your browsing history for today, this week or this month.
Fox Recap then lays out your activity in simple charts and categories like technology, shopping, education and entertainment.
“It’s really a tool for you to know how you use your browser,” said one of the student developers, Taimur Hasan. “Maybe you want to lessen the amount of time you spend on entertainment, and see that you use more education sites.”
Kate Sawtell wanted to create a tool that helps people see how they spend their time on the internet. “As a busy mom with a bunch of side projects, I love how it shows where my time online actually goes,” Kate said. “Am I researching, streaming shows or slipping into online shopping holes? It’s not super serious or judgmental, just a quick snapshot of my habits. Sometimes it makes me feel productive, other times it’s like, wow okay maybe I should chill on the shopping tab.”
<figcaption class="wp-element-caption">Members of the Fox Recap team at California State University, Monterey Bay, presenting their capstone project. Pictured (left to right): Taimur Hasan, Mozilla community manager Matt Cool, Kate Sawtell, and Diego Valdez. Not pictured: Peter Mitchell.</figcaption>
‘Useful AI and strong privacy can coexist’
Firefox machine learning engineer Tarek Ziadé served as a mentor for the project. He was struck by how quickly Taimur, Kate, Diego and Peter internalized both the technical challenges of building AI features and their privacy implications.
“I had assumed younger developers might treat privacy as an afterthought,” Tarek said. “I was wrong. They pushed for privacy by design from the start.”
Taimur, who trained the model himself rather than using an existing one, explained: “It’s not an off-the-shelf model that I pulled off the internet. I trained it myself using my gaming computer.”
Tarek believes that what the group built reflects the direction in which privacy-focused technology is headed.
“Intelligence should be local by default, data should be minimized, and anything that needs to leave the device should be explicit and consented,” Tarek said. “As AI capabilities become a commodity, the differentiator will be trust.”
That’s exactly where Mozilla should be leading, Tarek added: “making high-quality, on-device AI the default, and proving that useful AI and strong privacy can coexist.”
A glimpse of the next generation of web builders
For team member Diego Valdez, the project’s value is personal and practical: “I hope people who use Fox Recap can learn about their browsing activity in an engaging way, in hopes [of helping them] improve their productivity.”
Mozilla community manager Matt Cool sees it in a larger frame. “It’s a scary and exciting time to enter the tech industry,” Matt said. “The next generation of open web builders is already stepping up. Right here in Monterey, they’re building real-world projects, contributing to open-source, and tackling some of the toughest problems facing the future of the web.”
Fox Recap is one of several student projects showcased at this spring’s Capstone Festival by the School of Computing and Design at Cal State Monterey Bay. Professor Bude Su, who chairs the department, emphasized the value of mentorship as students prepare for what comes next.
“Mozilla’s involvement brought an added layer of motivation for our students,” Professor Su said. “The opportunity to work on a real-world project under industry mentorship has been invaluable for our students’ learning and professional growth.”
The collaboration shows what can happen when education, mentorship and Mozilla’s values of openness and trust come together. Fox Recap helps make sense of the tabs we collect, but it also points to something bigger: a new wave of developers building tools that respect the people who use them.
Here at Mozilla, we are the first to admit the internet isn’t perfect, but we know the internet is pretty darn magical. The internet opens up doors and opportunities, allows for human connection, and lets everyone find where they belong — their corners of the internet. We all have an internet story worth sharing. In My Corner Of The Internet, we talk with people about the online spaces they can’t get enough of, the sites and forums that shaped them, and how they would design their own corner of the web.
We caught up with John Sabine, the social media director of Merriam-Webster and Encyclopedia Britannica. He talks about his favorite subreddit, silly deep dives and why his job makes him hopeful about the internet.
What is your favorite corner of the internet?
Honestly, it’s the “AskHistorians” subreddit. It’s one of my few internet habits that I have that has kept up. I can’t recommend it enough. I wish more things were curated with such level of scrutiny and scholarship. If people disagree, they disagree as Ph.D. people disagree. I don’t have a Ph.D., but I imagine it’s respectful. There’s profiles and avatars, but those feel very secondary to the content. You lead with the “what,” and then you can look up the “who” afterwards. I don’t post on Reddit at all; I’m a lurker in general on the internet. So I’m shocked by how many people weigh in on things.
What is an internet deep dive that you can’t wait to jump back into?
I have a bunch of articles that I have bookmarked… and my goal is to read one of the 400 articles I have saved. What I’m looking forward to specifically is just to read an article for joy, that’s not doomscrolling or part of my job. I do feel like when you have this job, you kind of get internet-ed out every day. And also: crosswords. I want to get better at crosswords, if that counts. We have one on merriam-webster.com, and I also do The New York Times, though I rarely finish it.
What’s the last great story that you read?
It was on ringer.com. A writer named Tyler Parker went through NBA names. He just ranked their names, had nothing to do with basketball. I started it before bed, and I was like, “Oh, I’ll skim.” I read every single word. He really thought about the names and how they make people feel. And it’s truly just how they sound like. That’s it. It was written beautifully. That’s a silly one, but I think silly deep dives are probably good for the soul right now.
What is the one tab you always regret closing?
Probably my calendar… And honestly, I always have Merriam-Webster and Britannica up. And I rarely do close them because I always need them for my work.
What can you not stop talking about on the internet right now?
So Merriam-Webster is releasing its first print dictionary in over 20 years. And they made it really pretty, and it feels like a really cool book that you would display. I’m very excited because I’m doing deep dives of old ads for an almost 200-year-old company. There’s a lot of stuff to go through. Some of it we have in the archives, some of it is just out there. So just going through the old print stuff, finding old paper dictionaries. So, like, selfishly, I’m excited for the new collegiate 12th edition.
What was the first online community you engaged with?
I’m a lurker, so engagement is a lot for me. The first time I probably posted was on a forum when I moved to Chicago to do improv comedy. There’s a Chicago improv forum and I think I was like, “What show should I see?”
What articles and/or videos are you waiting to read/watch right now?
I’m waiting for the next [recommendation] from my group chats. There are some people that will just send you anything, and you’re like, “OK, thank you for sending me this. I’ll watch 30% of the things you sent.” But there’s the ones that you’re like, “Oh, yeah, gotta watch that.” So I’ve got a couple friends like that, so I hope they send me stuff because Lord knows, the internet’s huge.
Is there anything about the way people engage with Merriam-Webster online that makes you feel hopeful about the internet?
Oh, 4,000%. Yes, doomscrolling is a reality of being online now. I know a lot of people who just step away and go outside and touch grass.
But there’s still good stuff happening. The comment sections on our Instagram and TikTok can actually be really fun. People have genuine, kind, often funny conversations. It’s rarely mean. Seeing that makes me hopeful, because people clearly want wholesome, thoughtful interactions.
People have a personal connection to language. Over time, I’ve seen our audience expand to include all kinds of people who care deeply about words, even if they wouldn’t call themselves “word nerds.” Language is personal, and I think our work celebrates that.
And honestly, I feel more hopeful doing this job on the internet than I think I would if I weren’t doing this work and was just online as a regular user.
John Sabine is the social media director for Merriam-Webster and Encyclopedia Britannica. He is originally from Dallas, Texas, and he’s never once spelled “definitely” correctly on the first try.
At Mozilla, we build Firefox around one principle: putting you in control. With today’s release, we’re introducing new features that make browsing smarter and more personal while staying true to the values you care about most: privacy and choice.
A new option for search, still on your terms.
Earlier this year, we gave you more choice in how you search by testingPerplexity, an AI-powered answer engine, as a search option on Firefox. Now, after positive feedback, we’re making it a fixture, rolling it out to more users for desktop. Perplexity provides conversational answers with citations, so you can validate information without digging through pages of results.
This addition reflects our shared commitment to choice: You decide when to use an AI answer engine, or if you want to use it at all. Available globally, Perplexity can be found in the unified search button in the address bar. We’ll be bringing Perplexity to mobile in the coming months. And as always, privacy matters – Perplexity maintains strict prohibitions against selling or sharing personal data.
Organize your life with profiles
At the beginning of the year, we started testingprofiles — a way to create and switch between different browsing setups. After months of gradual rollout and community feedback, profiles are now available to everyone.
<figcaption class="wp-element-caption">Create and switch between different browsing setups</figcaption>
Profiles let you keep work tabs distinct from personal browsing, or dedicate a setup to testing extensions or managing a specific project. Each profile runs independently, giving you flexibility and focus. Feedback from students, professionals and contributors helped us refine this feature into the version you see today.
Discover more with visual search
In September, we announced visual search on Mozilla Connect and began rolling it out for testing. Powered by Google Lens, it lets you search what you see with a simple right-click on any image.
<figcaption class="wp-element-caption">Search what you see with a simple right-click on an image</figcaption>
You can:
Find similar products, places or objects
Copy, translate or search text from images
Get inspiration for learning, travel or research
This desktop-only feature makes searching more intuitive and curiosity-driven. For now, it requires Google as your default search engine. Tell us what you think. Your feedback will guide where visual search appears next, from the address bar to mobile.
Evolving to meet your needs
Today’s release brings more ways to browse on your terms — from smarter search with Perplexity, to profiles that let you separate work from play, to visual search.
Each of these features reflects what matters most to us: putting you in control of your online experience and building alongside the community that inspires Firefox. With your feedback, we’ll keep shaping a browser that not only keeps pace with the future of the web but also stays true to the open values you trust.
We’re excited to see how you use what’s new, and can’t wait to share what’s next.
Welcome back to our thirteenth episode of State of the Thunder! Nothing unlucky about this latest installment, as Managing Director Ryan Sipes walks us through how Thunderbird creates its roadmap. Unlike other companies where roadmaps are driven solely by business needs, Thunderbird is working with our community governance and feedback from the wider user community to keep us honest even as we move forward.
Want to find out how to join future State of the Thunders? Be sure to join our Thunderbird planning mailing list for all the details.
Open Source, Open Roadmaps
In other companies, product managers tend to draft roadmaps based on business needs. Publishing that roadmap might be an afterthought, or might not happen at all. Thunderbird, however, is open source, so that’s not our process.
A quick history lesson provides some needed context. Eight years ago, Thunderbird was solely a community project driven by a community council. We didn’t have a roadmap like we do today. With the earlier loss of funding and support, the project was in triage mode. Since then, thanks to a wonderful user community who has donated their skill, time, and money, we’ve changed our roadmap process.
The Supernova release (Thunderbird 115) was where we first really focused on making a roadmap with a coherent product vision: a modernized app in performance and appearance. We developed this roadmap with input from the community, even if there was pushback to a UI change.
The 2026 Roadmap Process
At this point, the project has bylaws for the roadmap process, which unites the Thunderbird Council, MZLA staff, and user feedback. Over the past year we’ve added two new roadmaps: one for the Android app and another for ThunderbirdPro. (Note, iOS doesn’t have a roadmap yet. Our current goal is: let’s be able to receive email!) But even with these changes and additions, the Mozilla Manifesto is still at the heart of everything we do. We firmly believe that making roadmaps with community governance and feedback from the larger community keeps us honest and helps us make products that genuinely improve people’s lives.
Want to see how our 2025-2026 Roadmaps are taking shape? Check out the Desktop Roadmap, as well the mobile roadmaps for Android and iOS.
Questions
Integrating Community Contributions
In the past, community contributors have picked up “nice to have” issues and developed them alongside us. Or people want to pursue problems or challenges that affect them the most. Sometimes, either of these scenarios coincide with our roadmap, and we get features like the new drag and drop folders!
Needless to say, we love when the community helps us get the product where we hope it will go. Sometimes, we have to pause development because of shifted priorities, and we’re trying to get better at updating contributors when these shifts happen on places like the tb-planning and mobile-planning mailing lists.
And these community contributions aren’t just code! Testing is a crucial way to help make Thunderbird shine on desktop and mobile. Community suggestions on Mozilla Connect help us dream big, as we discussed in the last two episodes. Reporting bugs, either on Bugzilla for the desktop app or GitHub for the Android app, help us know when things aren’t working. We encourage our community to learn more about the Council, and don’t be afraid to get in touch with them at council@thunderbird.net.
Telemetry and the Roadmap
While we know there are passionate debates on telemetry in the open source community, we want to mention how respectful telemetry can make Thunderbird better. Our telemetry helps us see what features are important, and which ones just clutter up the UI. We don’t collect Personally Identifying Information (PII), and our code is open so you can check us on this. Unlike Outlook, who shares their data with 801 partners, we don’t. You can read all about what we use and how we use it here.
So if you have telemetry turned off, please, we ask you to turn it on, and if it’s already on, to keep it on! Especially if you’re a Linux user, enabling telemetry helps us have a better gauge of our Linux user base and how to best support you.
Roadmap Categories and Organizing
Should we try to ‘bucket’ similar items on our roadmap and spread development evenly between them, or should we concentrate on the bucket that needs it most? The answer to this question depends on who you ask! Sometimes we’re focused on a particular area of focus, like UI work in Supernova and current UX work in Calendar. Sometimes we’re working to pay down tech debt across our code. That effort in reducing tech debt can pave the way for future work, like the current efforts to modernize our database so we can have a true Conversation View and other features. Sometimes roadmaps reveal obstacles you have to overcome, and Ryan thinks we’re getting faster at this.
Where to see the roadmaps
The current desktop roadmap is here, while the current Android roadmap is on our GitHub repo. In the future, we’re hoping to update where these roadmaps live, how they look, and how you can interact with them. (Ryan is particularly partial to Obsidian’s roadmap.) We ultimately want our roadmaps to be storytelling devices, and to keep them more updated to any recent changes.
Each year TIMEspotlights a range of new industry-defining innovations across consumer electronics, health tech, apps and beyond. This year, Firefox’s Shake to Summarize feature made the list for bringing a smart solution to a modern user problem: information overload.
With a single shake or tap, users on iOS devices can get to the heart of an article in seconds. The cool part? Summaries adapt to what you’re reading: recipes pull out the steps for cooking, sports focus on game scores and stats, and news highlights the key takeaways from a story.
“We’re thrilled to see Firefox earn a TIME Best Inventions 2025 Special Mention! Our work on Shake to Summarize reflects how Firefox is evolving,” said Anthony Enzor-DeMeo, general manager of Firefox. “We’re reimagining our browser to fit seamlessly into modern life, helping people browse with less clutter and more focus. The feature is also part of our efforts to give mobile users a cleaner UI and smarter tools that make browsing on the go fast, seamless, and even fun.”
Launched in September 2025 and currently available to English-language users in the U.S., Shake to Summarize generates summaries using Apple Intelligence on iPhone 15 Pro or later running iOS 26 or above, and Mozilla-hosted AI for other devices running iOS 16 or above.
“This recognition is a testament to the incredible work of our UX, design, product, and engineering teams who brought this innovation to life, showcasing that Firefox continues to lead with purpose, creativity, and a deep commitment to user-centric design. Big thank you!” added Enzor-DeMeo.
The Firefox team is working on making the feature available to more users and for those on Android. In the meantime, iOS users can already make the most of Shake to Summarize available in the Apple app store now.
The past twelve months have been another remarkable chapter in Thunderbird’s journey. Together, we started expanding Thunderbird beyond its strong desktop roots, introducing it to smartphones and web browsers to make it more accessible to more people. Thunderbird for Android arrived in the fall and has been steadily improving thanks to our growing mobile team, as well as feedback and contributions from our growing global family. A few months later, in December 2024, we celebrated an extraordinary milestone: 20 years of Thunderbird! We also looked toward a sustainable future with the announcement of Thunderbird Pro, with one of its first services, Appointment, already finding an audience in closed beta.
The past year also saw a shift in how Thunderbird evolves. Although we recently released our latest annual ESR update (codenamed Eclipse), the bigger news is that our team built the new Monthly Release channel, which is now the default for most of you. This change means you’ll see more frequent updates that make Thunderbird feel fresher, more responsive, and more in tune with your personalized needs. Before diving into all the details, I want to pause and express our deepest gratitude to the incredible global community that makes all of this possible. To the hundreds of thousands of people who donated financially, the volunteers who contributed their time and expertise, and the beta testers who carefully helped us polish each update: thank you! Thunderbird thrives because of you. Every milestone we celebrate is a shared achievement, and a shining example of the power of community-driven, open source software development.
Team and Product Updates
Desktop and release updates
In December 2024, we celebrated Thunderbird’s 20th anniversary. Two decades of proving that email software can be both powerful and principled was not without its ups and downs, but that milestone reaffirmed something we hear so often from our community: Thunderbird continues to matter deeply to people all over the world.
One of the biggest changes this year was the introduction of a new monthly release channel, simply called “Thunderbird Release.” Making this shift required an enormous amount of coordination and care across our desktop and release teams. Unlike the long-standing Extended Support Release (ESR), which provides a single major update every July, the new Thunderbird Release delivers monthly updates. This approach means we can bring you useful improvements and new features significantly faster, while keeping the stability and reliability you rely on.
Over the past year, our desktop team focused heavily on introducing changes that people have been asking for. Specifically, changes that make Thunderbird feel more efficient, intuitive, and modern. We improved visual consistency across system themes, gave you more ways to control the appearance of your message lists and how they’re organized, modernized notifications with native OS integration and quick actions, and moved closer to full Microsoft Exchange support.
Many of you who switched from the ESR to the new Thunderbird Release channel started seeing these updates as early as April. For those who stuck with the ESR, the annual update, codenamed Eclipse, arrived in July. Thanks to the solid foundation established in those smaller monthly updates, Eclipse enjoyed the smoothest rollout of any annual release in Thunderbird’s history.
In-depth details on Desktop development can be found in our monthly Developer Digest updates on our blog.
Thunderbird Mobile
Android
It took longer than we originally anticipated, but Thunderbird has finally arrived as a true smartphone app. The launch of Thunderbird for Android in October 2024 was one of our most exciting steps forward in years. Releasing it took more than two years of active development, beta testing, and invaluable community feedback.
This milestone was made possible by transforming the much-loved K-9 Mail app into something we could proudly call Thunderbird. That process included a full redesign of the interface, including bringing it up to modern design standards, and building an easy way for people to bring their existing Thunderbird desktop accounts directly into the Android app.
We’ve been encouraged by the enthusiastic response to Thunderbird on Android, but we’re also listening closely to your feedback. Our team, together with community contributors, has one very focused goal: to make Thunderbird the best Android email app available.
iOS
We’ve also seen the overwhelming demand to build a version of Thunderbird for the iOS community. Unlike the Android app, the iOS app is being built from the ground up.
Fortunately, Thunderbird for iOS took some major steps forward this year. We published the initial repository (a central location for open-source project files and code) for the Thunderbird mobile team and contributors to work together, and we’re laying the groundwork for public testing.
Our goal for the first public alpha will be to support manual account setup and basic inbox viewing to meet Apple’s minimum review standards. These early pre-release versions will be distributed through TestFlight, allowing Thunderbird for iOS to benefit from your real-world feedback.
When we started building Thunderbird for iOS, a core decision was made to use a modern foundation (JMAP) designed for mobile devices. This will allow for, among other advantages, faster mail synchronization and more efficient resource usage. The first pieces of that foundation are already in place, with the basic ability to view folders and messages. We’ve also set up internal tools that will make regular updates, language translations, and community testing possible.
Thunderbird for iOS is still in the early stages of development, but momentum is strong, our team is growing, and we’re confidently moving toward the first community-accessible release.
In depth details on mobile development can be found in our monthly Mobile Progress Report on our blog.
Thundermail and Thunderbird Pro services
It’s no secret we’ve been building additional web services under the Thunderbird Pro name, and 2025 marked a pivotal moment in our vision for a complete, open-source Thunderbird ecosystem.
This year we announced Thundermail, a dedicated email service by Thunderbird. During the past decade, we’ve seen a large move away from dedicated email clients to products like Gmail, partially because of the robust ecosystem around them. The plan for Thundermail is to eventually offer an alternative webmail solution that protects your privacy, and doesn’t use your messages to train AI or show you ads.
Here’s what else we’ve been working on in addition to Thundermail:
During its current beta, Thunderbird Appointment saw great improvements in managing your schedule, with many of the changes focused on reliability and visual polish.
Thunderbird Send, an app for securely sharing encrypted files, also saw forward momentum. Together, these services are steadily moving toward a wider beta launch this fall, and we’re excited to see how you’ll use them to improve your personal and professional lives.
All of the work going into Thundermail and Thunderbird Pro services is guided by a clear goal: providing you with an ethical alternative to the closed-off “walled gardens” that dominate our digital communication. You shouldn’t have to sacrifice your values and give up your personal data to enjoy convenience and powerful features.
In depth details on Thunderbird Pro development can be found in our Thunderbird Pro updates on our blog.
2024 Financial Picture
The generosity of our donors continues to power everything we do, and the importance of these financial contributions cannot be understated. In 2024, the Thunderbird project once again saw continued growth in donations which paved the way for Thundermail and the Thunderbird Pro services you just read about. It also gave us the opportunity to grow our mobile development team, improve our user support outreach, and expand our connections to the community.
Here’s a detailed breakdown of our donation revenue in 2024, and why many of these statistics are so meaningful.
Contribution Revenue
In 2024, financial contributions to Thunderbird reached $10.3 million, representing a 19% increase over the previous year. This support came courtesy of more than 539,000 transactions from more than 335,000 individual donors. A healthy 25% of these contributions were given as recurring monthly support.
What makes this so meaningful to us isn’t the total revenue, or the scale of the donations. It’s how those donations break down. The average contribution was $18.88, with a median of $16.66. Among our recurring donors, the average monthly gift was only $6.25. In fact, 53% of all donations were $20 or less, and 94% were $35 or less. Only 17 contributions were $1,000 or more.
What does this represent when we go beyond the numbers? It means Thunderbird isn’t sustained by a handful of wealthy benefactors or corporate sponsors. Rather, it is sustained by a global community of people who believe in what we’ve built and what we’re still building, and they come together to keep it moving forward.
And that global reach continues to inspire us. We received contributions from more than 200 countries. The top ten contributing countries – Germany, the United States, France, the United Kingdom, Switzerland, the Netherlands, Japan, Italy, Austria, and Canada – accounted for 83% of our total revenue.
But products aren’t just numbers and code. Products are the people that work on them. To support the ambitions of our expanding roadmap, our team grew significantly in 2024. We added 14 new team members throughout the year, closing out 2024 with 43 full-time staff members. Much of this growth strengthened our mobile development, web services, and desktop + release teams. 80% of our staff focuses on technical work – things like product development and infrastructure – but we also added more roles to actively support users, improve community outreach, and smooth out internal operations.
Expenses
When we talk about how we use financial contributions, we’re really talking about investments in our shared values. The majority of our spending goes to personnel; the talented individuals who write code, design interfaces, test features, and support our users. Infrastructure is the next largest expense, followed by administrative costs to keep operations running smoothly.
Below is a breakdown of our 2024 expenses:
Community Snapshot
Contributor & Community Growth
For two decades, Thunderbird has survived and thrived because of its dedicated open-source community. In 2024, we continued using our Bitergia dashboard to give our community a clear view of the project’s overall activity across the board. (You can read more about how we collaborated on and use this beneficial tool here.)
This dashboard helps us track participation, identify and celebrate successes, and find areas to improve, which is especially important as we expand the Thunderbird ecosystem with new products and services.
For this report, we’ve highlighted some of the most notable community metrics and growth milestones from 2024.
For reference, Github and Bugzilla measure developer contributions. TopicBox measures activity across our many mailing lists. Pontoon measures the activity from volunteers who help us translate and localize Thunderbird. SUMO (the Mozilla support website) measures the impact of Thunderbird’s support volunteers who engage with our users and respond to their varied support questions.
We estimate that in 2024, the total number of people who contributed to Thunderbird – by writing code, answering support questions, providing translations, or other meaningful areas – is more than 20,000.
It’s especially encouraging to see the number of translation locales increase from 58 to 70, as Thunderbird continues to find new users around the world.
But there are areas of opportunity, too. For example, making it less complicated for people who want to start contributing to Thunderbird. We’ve started addressing this by recording two Community Office Hours videos, talking about how to write Knowledge Base articles, and how to effectively answer questions on the Mozilla Support website.
Mozilla Connect is another portal that lets anyone interested in the betterment of Thunderbird suggest ideas, openly discuss them, and vote on them. In 2024, four desktop ideas as well as four of your ideas in our relatively new mobile space were implemented, and we saw more than 500 new thoughtful ideas suggested across mobile and desktop. Our staff and community are watching for your ideas, so keep them coming!
Thank you
As we close out this year’s State of the Bird, we want to once again shine a light on the incredible global community of Thunderbird supporters. Whether you’ve contributed your valuable time, financial donations, or simply shared Thunderbird with colleagues, friends, and family, your support continues to brighten Thunderbird’s future.
After all, products aren’t just numbers on a chart. Products are the people who create them, support them, improve them, and believe in crucial concepts like privacy, digital wellbeing, and open standards.
Every part of your life has its own rhythm: work, school, family, personal projects. Beginning Oct. 14, we’re rolling out a new profile management feature in Firefox so you can keep them separate and create distinct spaces — each with its own bookmarks, logins, history, extensions and themes. It’s an easy way to stay organized, focused and private.
Spaces that lighten your load
Profiles don’t just keep you organized; they also reduce data mixing and ease cognitive load. By keeping your different roles online neatly separate, you spend less mental energy juggling contexts and avoid awkward surprises (like your weekend plans popping up in a work presentation). And, like everything in Firefox, profiles are built on our strong privacy foundation.
We also worked with disabled people to make profiles not only compliant, but genuinely delightful to use for everyone. That collaboration shaped everything from the visual design (avatars, colors, naming) to the way profiles keep sensitive data (like medical information) private. It’s an example of how designing for accessibility boundaries benefits all of us.
What makes profiles in Firefox different
Other browsers offer profiles mainly for convenience. Firefox goes further by making them part of our mission to put you in control of your online life.
Privacy first: Firefox is built with privacy as a default. We don’t know your age, gender, precise location, name of your profile, or other information Big Tech collects and profits from. Each profile keeps its own browsing data separate. No mixing, no surprise leaks.
Custom spaces: Pick colors and themes to make each profile easy to spot at a glance. You can even upload your own avatar. Your work profile can feel buttoned-up, while your personal profile reflects your style.
Profiles in Firefox aren’t just a way to clean up your tabs. They’re a way to set boundaries, protect your information and make the internet a little calmer. Because when your browser respects your focus and your privacy, it frees you up to do what actually matters — work, connect, create, explore — on your own terms.
Welcome back to another edition of the Community Office Hours! This month, we’re showing you our first steps towards a long awaited feature: a genuine Conversation View! Our guests are Alessandro Castellani, Director of Desktop and Mobile Apps and Geoff Lankow, Sr. Staff Software Engineer on the Desktop team. They recently attended a work week in Vancouver that brought together developers and designers to create our initial vision and plan to bring Conversation View from dream to reality. Before Geoff flew home, he joined Alessandro and us to discuss his backend database work that will make Conversation View possible. We also had a peek at the workweek itself, other features possible with our new database, and our tentative delivery timeline.
We’ll be back next month with an Office Hours all about Exchange Support for email, which is landing soon in our monthly Release channel.
September Office Hours: Conversation View
Some of you might be asking, “what IS Conversation View?” Basically, it’s a Gmail-like visualization of a message thread when reading emails. So, in contrast to the current threaded view, you have all the messages in a thread. This both includes your replies and any other messages that may have been moved to a different folder.
So, why hasn’t Thunderbird been able to do this already? The short answer is that our code is old. Netscape Navigator old. Our current ‘database,’ Mork, makes a mail folder summary (an .msf file) per folder. These files are text-based unicode and are NOT human readable. In Thunderbird 3, we introduced Gloda, our Global Search and Indexer, to try and work around Mork’s limitations. It indexes what’s in the .msf file and stores the data in a SQLite file. But as you might already know, Gloda itself is clunky and slow.
Modern Solutions for Modern Problems
If we want Conversation View (and other features users now expect), we need to bring Thunderbird further into the 21st century. Hence, our work on a new database, which we’re calling Panorama. It’s a single SQLite database with all your messages. Panorama indexes emails as soon as they’re received, and since it’s SQLite, it’s not only fast, but it can be read by so many tools.
Since all of your messages will be in a single SQLite database, we can do more than enable a true Conversation view. Panorama will improve global search, enable improved filters, and more. Needless to say, we’re excited about all the possibilities!
Conversation View Workweek
To get these possibilities started, we decided to bring developers and designers together for a Conversation View Workweek in Vancouver in early September. This brought people out of Zoom calls, emails, and Matrix messages, and across the Pacific Ocean in Geoff’s case, into one place to discuss technical and design challenges.
We’ve spoken previously about our design system and how we’ve collaborated between design and development on features like Account Hub. In-person collaboration, especially for something as complicated as a new database and message view, was invaluable. By the end of the week, developers and designers alike had plenty to show for their efforts.
Next Steps
Before you get too excited, the new database and Conversation view won’t land until after next year’s ESR release. There’s a lot of work to do, including testing Panorama in a standalone space until we’re ready to run Mork and Panorama alongside each other, along with the old and new code referencing each database. We need the migration to be seamless and easily reversible, and so we want to take the time to get this absolutely right.
Want to stay up to date on our progress? We recommend subscribing to our Planning and UX mailing lists, State of the Thunder videos and blog posts, and the meta bug on Bugzilla.
Advertising can and should work better — for people, for publishers, and for brands. That belief is what drives Mozilla’s growing investment in rebuilding digital advertising around trust, transparency and fairness.
For too long, the web’s primary funding model has relied on hidden data collection and opaque ad systems that work around users instead of with them. Mozilla’s approach is different: We’re building an alternative that aligns commercial success with user respect, giving advertisers new ways to show up responsibly in environments people actually trust.
“Advertising funds the open internet, but it needs a new foundation,” said Suba Vasudevan, COO of Mozilla.org and SVP at Mozilla Corp. “Advertisers have always cared about brand safety. The missing piece has been trust in the platforms where ads run. That’s the gap Mozilla is closing; making the advertising environment itself something that both brands and users can trust. And we do this all while protecting the privacy of our users’ data.”
This week at Advertising Week New York 2025, Mozilla announced a key step in that journey — a partnership with Index Exchange, one of the world’s largest independent ad exchanges. Together, we’re proving that trusted environments can also deliver trusted performance.
“Our partnership with Mozilla demonstrates how programmatic can evolve to create stronger outcomes for brands and better experiences for consumers,” said Lori Goode, CMO of Index Exchange. “By uniting Mozilla’s trusted environment with Index’s infrastructure, we’re building a model of programmatic rooted in quality, accountability, and long-term value.”
Creating a new model for responsible advertising
The collaboration between Mozilla and Index Exchange is part of a larger effort to evolve how advertising supports the open web. It’s about expanding options for marketers who want to reach audiences in ways that are both effective and ethical — replacing tracking-heavy systems with transparent, trust-centered design.
• Scale where it matters. For marketers committed to building on trusted platforms, curated PMP deals with Mozilla and Index Exchange offer a way to connect with engaged audiences in respectful, brand-safe environments — aligning performance goals with user trust in the fastest-growing programmatic channel (~88% of global spend).
• No personal identifiers. Mozilla and Index Exchange ensure that no personal identifiers or cross-site tracking are ever used — reflecting our shared commitment to respect users and create ad experiences people can trust.
• Future-ready monetization. Firefox research shows that even privacy-minded users welcome thoughtful personalization when it improves their experience — but only when delivered responsibly and with clear user control.
• A unique audience opportunity. Firefox reaches hundreds of millions of people worldwide, offering marketers the chance to build connections in a trusted, brand-safe environment with engaged audiences often underrepresented on other platforms.
On stage at Advertising Week New York
Mozilla and Index Exchange will debut the partnership during a keynote conversation, “Adding Trust to Your Ad Buy: The Smartest Spend in Marketing Today,” on the Advertising Week Innovation Stage, Monday, Oct. 6. The session will explore how advertisers can drive performance by investing in trust — not just in creative or campaigns, but in the platforms that power them.
At Mozilla, we’ve always believed that advertising, done responsibly, can help sustain the open web. This partnership is proof of that belief — a tangible example of how innovation and trust can go hand in hand, delivering value for advertisers and for the internet itself. For more about Mozilla Ads, visit: https://www.mozilla.org/en-US/advertising/.
An ads milestone in marketing reach without data risk.
The ad industry is shifting, and with it comes a clear need for advertisers to use data responsibly while still proving impact. Advertisers face a false choice between protecting privacy and proving performance. Anonym exists to prove they can have both — and this week marks a major milestone in that mission.
Today we announced a new partnership with Snap Inc., giving advertisers a way to use more of their first-party data safely and effectively. This collaboration shows what’s possible when privacy and performance go hand in hand: Marketers can unlock real insights into how campaigns drive results, without giving up data control.
Unleashing first-party data that’s often untapped
Unlocking value while maintaining privacy of advertisers’ sensitive first-party (1P) data has long been a challenge for advertisers concerned with exposure or technical friction. We set out to change this equation, enabling brands to safely activate data sets to measure conversion lift and attribution.
With Snapchat campaigns, advertisers can now bring first-party data that’s typically been inaccessible into play and understand how ads on the platform drive real-world actions — from product discovery to purchase. Instead of relying only on proxy signals or limited datasets, brands can generate more complete, incrementality-based insights on their Snapchat performance, gaining a clearer picture of the channel’s true contribution to business outcomes.
“Marketers possess deep reserves of first-party data that too often sits idle because it’s seen as difficult or risky to use,” said Graham Mudd, Senior Vice President, Product, Mozilla and Anonym co-founder. “Our partnership with Snap gives advertisers the power to prove outcomes with confidence, and do it in a way that is both tightly controlled and insight-rich.”
Snapchat audience scale: Reach meets relevance
With a reach of over 930 million monthly active users globally (MAUs), including 469 million daily active users — Snap’s rapidly growing audience makes it a uniquely powerful marketing channel. This breadth of reach is especially appealing to advertisers who previously avoided activating sensitive data—knowing they can now connect securely with high-value Snapchatters at scale.
Our solution is designed for ease of use, requiring minimal technical resources and enabling advertisers to go from kickoff to measurement reporting within weeks. Our collaboration with Snap furthers the mission of lowering barriers to entry in advertising, and enables brands of all sizes to confidently activate their competitive insights on Snapchat.
“Snapchat is where people make real choices, and advertisers need simple, clear insights into how their campaigns perform,” said Elena Bond, Head of Marketing Science, Snap Inc. “By working with Anonym, we’re making advanced measurement accessible to more brands — helping them broaden their reach, uncover deeper insights, and prove results, all while maintaining strict control of their data.”
How Anonym works: Simple, secure, scalable
Using end-to-end encryption, trusted execution environments (TEE), and differential privacy to guarantee protection and streamline compliance, Anonym helps advertisers connect with new, high-value customers and analyze campaign effectiveness without giving up data control. Strategic reach and actionable measurement are achieved with:
Advertiser-controlled: First-party data is never transferred to the ad platform.
Minimal technical lift: From campaign start to measurement, reporting can be completed in weeks—no heavy engineering or data science overhead.
Performance-focused: The outcome is clear insights into campaign lift and attribution, powering better investment decisions.
Regulation-ready: Provides advertisers with tools to help meet evolving privacy requirements, supporting responsible data use as rules change.
Anonym and Snap’s collaboration coincides with Advertising Week New York 2025, where measurement and data innovation will be in sharp focus.
From September 22–28, the Mozilla Support team ran our first-ever Mozilla – Ask a Fox virtual hackathon. In collaboration with the Thunderbird team, we invited contributors, community members, and staff to jump into the Mozilla Community Forums, lend a hand to Firefox and Thunderbird users, and experience the power of Mozillians coming together.
Rallying the Community
The idea was simple: we want to bring not only our long time community members, but newcomers and Mozilla staff together for one-week of focused engagement. The result was extraordinary.
The event generated strong momentum for both new and returning community members. This was reflected in the significant growth in total contributors, which rose by 41.6 %.
For the past year, our Community Forum had been struggling to maintain a strong reply rate as inbound questions grew. During the event, however, we achieved our highest weekly reply rate of the year, which was more than 50% above our daily average from the first half of 2025.
Time to first response (TTFR) also improved by 44.6%, which signal significant improvement in community responsiveness. The event also highlighted the importance of time to first response (TTFR) not just for users, but for the community as a whole. We saw a clear correlation: the faster users received their first reply, the more likely they were to return and continue the conversation.
Together, we showed just how responsive and effective our community can be when we rally around a common goal.
More Than Answering Forum Questions
Ask a Fox wasn’t only about answering questions—it was about connection. Throughout the week, we hosted special AMAs with the WebCompat, Web Performance, and Thunderbird teams, giving contributors the chance to engage directly with product experts. We also ran two Community Get Together calls to gather, share stories, and celebrate the spirit of collaboration.
For some added fun, we also launched a and ⚡ emoji hunt accross our Knowledge Base articles.
Recognizing contributors
We’re grateful for the incredible participation during the event and want to recognize the contributors who went above and beyond. Those who participated in our challenges should receive exclusive SUMO badges in their profile by now. And the following top five contributors for each product will soon receive a $25 swag voucher from us to shop our limited-edition Ask a Fox swag collection, available in the NA/EU swag store.
And finally, congratulations to Vincent, winner of the staff award for the highest number of replies during the week.
Ask a Fox was more than a campaign—it was a celebration of what makes Mozilla unique: a global community of people who care deeply about helping others and shaping a better web. Whether you answered one question or one hundred, your contribution mattered.
This event reminded us that when Mozillians come together, we can amplify our impact in powerful ways. And this is just the beginning—we’re excited to carry this momentum forward, continue improving the Community Forums, and build an even stronger, more responsive Mozilla community for everyone.
Firefox is celebrating 21 years of Firefox by hosting four global events celebrating the power of browser choice this fall.
We are inviting people to join us in Berlin, Chicago, Los Angeles and Munich as part of Open What You Want, Firefox’s campaign to celebrate choice and the freedom to show up exactly as you are — whether that’s in your coffee order, the music you dance to, or the browser you use. These events are an opportunity to highlight why browser choice matters and why Firefox stands apart as the last major independent option.
Firefox is built differently with a history of defiance. It is built in a way to best push back against the defaults of Big Tech. Firefox is the only major browser not backed by a billionaire or built on Chromium’s browser engine. Instead, Firefox is backed by a non-profit, and maintains and runs on Gecko, a flexible, independent, open-source browser engine.
So, it makes sense that we are celebrating differently too. We are inviting people to join us at four community-driven “House Blend” coffee rave events. What is a coffee rave? A caffeine-fueled day rave celebrating choice, freedom, and doing things your own way – online and off. These events are open to everyone and in partnership with local coffee shops.
Each event will have free coffee, exclusive merch, sets by two great, local DJs, a lot of dancing, and an emphasis on how individuals should get to shape their online experience and feel control online — and you can’t feel in control without choice.
We are kicking off the celebrations this Saturday, Oct. 4 in both Chicago and Berlin, will move to Munich the following Saturday, Oct. 11 and will end in Los Angeles Saturday, Nov. 8, for Firefox’s actual birthday weekend.
Chicago (RSVP here) When: Saturday, Oct. 4, 2025 | 10:00AM – 2:00PM CT Where: Drip Collective, 172 N Racine Ave, Chicago Illinois
Munich (RSVP here) When: Saturday, Oct. 11, 2025 | 13:00 – 16:00 CEST Where: ORNO Café, Fraunhoferstraße 11, 80469 München
Los Angeles When: Saturday, Nov. 8, 2025 More information to come
We hope you will join our celebration this year, in person at a coffee rave, or at one of our digital-first activations celebrating internet independence. As Firefox reflects on another year, it’s a good reminder that the most important choice you can make online is your browser. And browser choice is something that we should all celebrate and not take for granted.
We’re celebrating Firefox’s 21st anniversary this November, marking more than two decades of building a web that reflects creativity, independence and trust. While other major browsers are backed by billionaires, Firefox exists to ensure that the internet works for you — not for those cashing in on your data.
That’s the idea behind Billionaire Blast Off (BBO), an interactive experience where you design a fictional, over-the-top billionaire and launch them on a one-way trip to space. It’s a playful way to flip Big Tech’s power dynamics and remind people that choice belongs in our hands.
BBO lives online at billionaireblastoff.firefox.com, where you can build avatars, share memes and join in the joke. Offline, we’re bringing the fun to TwitchCon, with life-size games and our card game Data War, where data is currency and space is the prize.
The billionaire playbook for your data, served with satire
The goal of Billionaire Blast Off isn’t finger-wagging — it’s satire you can play. It makes the hidden business of your data tangible, and instead of just reading about the problem, you get to laugh at it, remix it and send it into space.
The game is a safe, silly and shareable way to talk about something serious: who really holds the power over your data.
Two ways to join the fun online:
Build a billionaire: Create your own billionaire to send off-planet for good. Customize your avatar with an origin story, core drive and legacy plan.
Blast off: We’re not just making little billionaires. We’re launching them into space on a real rocket. Share your creation on social media for a chance to secure a seat for your avatar on the official launch.
At TwitchCon, you’ll find us sending billionaires into space (for real), playing Data War and putting the spotlight on the power of choice.
Visit the Firefox booth #2805 (near Exhibit Hall F) to play Data War, a fast-paced card game where players compete to send egomaniacal, tantrum-prone little billionaires on a one-way ticket to space.
Step into an AR holobox to channel your billionaire villain era, create a life-size avatar and make it perform for your amusement in 3D.
<figcaption class="wp-element-caption">Try out your billionaire in our AR holobox at TwitchCon booth #2805</figcaption>
On Saturday, Oct. 18, swing by the Firefox Lounge at the block party to snag some swag. Then stick around at 8:30 p.m. PT to cheer as we send billionaire avatars into space on a rocket built by Sent Into Space.
Online, the fun continues anytime at billionaireblastoff.firefox.com. Because when the billionaires leave, the web opens up for you.
My name is Selim and I’m the Turkish localization manager. I’m from İstanbul, Türkiye. I’ve been contributing to Mozilla since 2010.
Your Contributions
Selim (first left) with fellow Turkish Mozillians Onur, Didem and Serkan (Mozilla Summit Brussels)
Q: Over the years, do you remember how many projects you’ve been involved in (including ones that may no longer exist)?
A: It’s been so many! I began with Firefox 15 years ago, but I think I’ve been involved in around 30 projects over the years. We currently have 23 projects active in Pontoon, and I’ve been involved in every single one of them to some degree.
Q: Roughly how many Mozilla events have you joined — whether localization meetups, company-wide gatherings, MozFest, or others?
A: I’ve attended six of them. My first one was the Mozilla Balkans Meetup 2011 in Sofia. Then I had the chance to meet fellow Mozillians in Zagreb, Brussels, Berlin, Paris, and my hometown İstanbul. They were all great experiences, both enlightening and rewarding.
Q: Looking back, are there any contributions or milestones you feel especially proud of?
A: When I first began contributing, my intention was to complete a few missing translations I had noticed in Firefox. However, I quickly realized that the project was huge and there was much more to it than met the eye. Its Turkish localization was around 85% complete at that time, but the community lacked the resources to push it forward. I took it as my duty to reach 100% first, and then spellcheck and fix all existing translations. It took me a few months to get there, but Firefox has clearly had the best Turkish localization among all browsers ever since.
Your Background
Q: Does your professional background support or connect with your work in localization?
A: I currently work as a freelance editor and translator, translating and editing print magazines (mostly tech, popular science, and general knowledge titles), and localizing software and websites.
And the event that kickstarted my career in publishing and professional translation was volunteering for localization. (No, not Firefox. It didn’t even exist yet!) Back in high school, I began localizing an open-source CMS called PHP-Nuke to be used on my school’s website. PHP-Nuke became very popular in a short amount of time, and a computer magazine editor approached me to build the magazine’s website using open-source tools, including PHP-Nuke. I’ve been an avid reader of those magazines since my childhood but never imagined that one day I’d be working for Türkiye’s best-selling computer magazine!
In time, I began translating and writing articles for the magazine as a freelancer and joined the editorial staff after graduating from university.
I’ve written hundreds of software and website reviews and kept noticing that some of them were high-quality products that needed better localization. Now, with a better understanding of how things work and with some technical background, I began contributing to more and more open-source projects in my free time, and Firefox was one of them.
I was lucky that the previous Turkish contributors did a great job “localizing” Firefox, not just translating it. I learned a great deal from them, and it had a huge impact on my later professional work.
I was also approached and/or approved by several clients who had seen my volunteer localization work.
So, in a way, my professional background does support my work in localization — and vice versa.
Q: In what ways has being part of Mozilla’s localization community influenced you — whether in problem-solving, leadership, or collaborating across cultures?
A: Once I started contributing, I quickly realized that Mozilla had something none of the other projects I had contributed to previously had: a community that I felt part of. These people loved the internet, and they were having fun localizing stuff, just like me.
The localization community helped me improve myself both professionally and personally in a lot of ways: I learned how to collaborate better with a team of volunteers from different backgrounds, how to use different translation tools, how to properly report bugs, how to deal with different time zones, and how to get out of my comfort zone and talk to people from abroad both in virtual and face-to-face events.
Your Community
Q: As a long-time contributor, what motivates you to continue after all these years?
A: First and foremost, I believe in Mozilla’s mission wholeheartedly. But there’s a practical motivation too: Turkish is spoken by tens of millions of people, so the potential impact of localization is huge. Ensuring my fellow nationals have access to high-quality, localized open-source software is a driving force. And I’m still having fun doing it!
Q: Many communities struggle with onboarding or retaining contributors, especially after COVID limited in-person events. What are the challenges you face as a manager and how do you address them? And how do you engage with active contributors today? Do you have a process or approach for welcoming newcomers?
A: The Turkish community had its fair share of struggles with onboarding and retaining contributors, but it never became a huge challenge because of an advantage we had: The first iteration of the community started very early. Firefox 1.0 was already available in Turkish, and they maintained a good localization percentage for most Mozilla products, even if not 100%. So when I joined, there were things to do but not a single project that needed to be started from scratch. They were maintainable by one or two enthusiastic localizers. And when I took on the manager role, I always tried to keep it that way. I did approve a number of new projects, but not before ensuring that we had the resources to always keep them at least 90% complete.
But that creates a dilemma: New Turkish contributors usually face strings that are harder to grasp without context or are more difficult to translate, because the easier and more visible strings have already been translated. I guess that makes newcomers frustrated and they leave after translating a few strings. In fact, over the past 10 years, we’ve had only one contributor (Grk) who has translated more than 10,000 strings (apart from myself), and two contributors (Ali and Osman) with more than 1,000 strings. I’d like to thank them once again for their awesome contributions.
The Turkish community has always been very small: just a few people contributing at a time, and that has worked for us. So I’m not anxiously trying to onboard or retain contributors, but if I see an enthusiastic newcomer, I try to guide them by commenting on their translations or sending a welcome email to let them know how things work.
Something Fun Q: Could you share a few fun or unexpected facts about yourself that people might not know?
A: Certainly:
I’m a metalhead, and the first thing I ever translated as a hobby was the lyrics of a Sentenced song. I’ve been translating song lyrics ever since, and I have a blog where I publish them.
I built my first website when I was 13, by manually typing HTML in Windows Notepad. That’s when I discovered the internet’s endless possibilities and fell in love with it.
Hello again from the Thunderbird development team! As autumn settles in, we’re balancing the steady pace of ongoing projects with some forward-looking planning for 2026. Alongside coding and testing, some of our recent attention has gone into budgets, roadmaps, and setting priorities for the year ahead. It’s not the most glamorous work, but it’s essential for keeping our momentum strong and ensuring that the big features we’re building today continue to deliver value well into the future. In the meantime, plenty of exciting progress has landed across the application, and here are some of the highlights.
Exchange support for email is here
Exchange support has officially landed in Thunderbird 144, which will roll out as our October monthly release. A big final push from the team saw a number of important features make it in before the merge:
Undo/Redo operations for move/copy/delete
Notifications
Basic Search
Folder Repair
Remote message content display & blocking
Status Bar feedback messaging
Account Settings screen changes
Autosync manager for message downloads
Attachment delete & detach
First set of advanced server settings
Experimental tenant-specific configuration options (behind a preference) now being tested with early adopters
The QA team is continuing to work through their test plans with support from a small beta test group, and their findings will guide the documentation and support we share more broadly with users on monthly release 144, as well as the priorities to tackle before we head into the next chapter.
Looking ahead, the team is already focused on:
Expanding advanced server settings for more complex environments
Improving search functionality
Folder Quotas & Subscriptions
Refining the user experience as more real-world feedback comes in
A planning session to scope work to support calendar and address book via EWS
One of the biggest milestones this month was our dedicated Conversation View Work Week which recently wrapped up, where designers and engineers gathered in person to tackle one of Thunderbird’s most anticipated UX features.
The team aligned early on goals and scope, rapidly iterated on wireframes and high-fidelity mockups, and built out initial front-end components powered by the new Panorama database.
By the end of the week, we had working prototypes that collapsed threads into a Gmail-style conversation view, demonstrated the new LiveView architecture, and produced detailed design documentation. It was an intense but rewarding sprint that laid the foundation for a more modern and intuitive Thunderbird experience.
Account Hub
We’ve now added the ability to manually edit an EWS configuration, as well as allow for users to create an advanced EWS configuration through the manual configuration step
The ability to cancel any loading operation in account hub for email has been completed and will be added to daily shortly
This also had the side effect of users who click “Stop” in the account old setup with an OAuth window open now closing the OAuth window automatically
We will be uplifting this change to beta and then ESR
Progress is being made with adding a step for 3rd party hosting credentials confirmation, with the UI complete and the logic being worked on
This progress will have to take into account changes from the cancel loading patch, as there are conflicting changes
Once this feature is complete, it will be uplifted to beta, and then ESR
Work will soon be starting to enable the creation of address books through account hub by default.
After a long pause, work on the Calendar re-write has resumed! We’ve picked things back up by continuing focus on the event read dialog. A number of improvements have already landed, including proper handling of description data and several small bug fixes.
We have seven patches under review that cover key areas such as:
Accessibility improvements, including proper announcements of event and calendar titles.
Adding the footer for acceptance.
Updating displays and transitioning current work to use the mod-src protocol.
Handling resizing
Development is also underway to add attendee support, after which we’ll move on to polishing the remaining pieces of the read dialog UI.
Maintenance, Recent Features and Fixes
August was set aside as a focus for maintenance, with a good number of our team dedicated to handling upstream liabilities such as our continued l10n migration to Fluent and module loading changes. In addition to these items, we’ve had help from the development community to deliver a variety of improvements over the past month:
Tree restyling following upstream changes – solved
An 18 year old bug to enable event duplication via drag & drop – solved
A 15 year old bug to sort by unread in threads correctly – solved
Implementation of standard colours throughout the application. [meta bug]
If you would like to see new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
We’re back with our twelfth episode of the State of the Thunder! In this episode, we’re talking about community initiatives, filling you in on Android development, and finishing our updates on popular Mozilla Connect requests.
Want to find out how to join future State of the Thunders? Be sure to join our Thunderbird planning mailing list for all the details.
Austin RiverHacks and Ask-A Fox
Thunderbird is a Silver sponsor for Austin RiverHacks NASA Space Apps Challenge 2025! If you’re in or around Austin, Texas from October 4th-5th, and want to join an in-person event where curious minds delve into NASA data to tackle real-life problems, we’d love to see you.
This week (as in right now! Check it out and get involved!), we’re joining forces with Firefox for the Ask-A-Fox event on Mozilla Support! Earn swag, join an incredible community, and help fellow Thunderbird users on desktop and Android! Want a great overview of how to contribute to SUMO? Watch our Community Office Hours with advice on getting started.
Android Plans for Q4 2025
It’s hard to believe we’re almost into the last three months of the year! We’ve just released our joint July/August Mobile Progress report. We also want to give you all an update on our overall progress on the roadmap we created at the beginning of the year.
The new Account Drawer, currently in Beta, isn’t finished yet. We’re still working on real, proper unified folders! We’ll have mockups of the account drawer progress before the end of the month and more info in the next beta’s release notes. We’ll also have updates soon on message list status notifications (similar to the desktop). In the single message view, we have improvements coming! This includes making attachments quicker to see and open.
The battle for proper IMAP fetch continues. Different server setups complicate this struggle, but we want to get this right, nonetheless. This will bring the Android app more on par with other emails apps.
Unfortunately, work on things like message sync, notifications, and Android 15 might delay features like HTML signatures.
Mozilla Connect Updates, Continued
We’re tackling more of the most frequently requested changes and features on Mozilla Connect, and we’re answering questions about native operating system integration, conversation view, and Thunderbird Pro related features!
Native Operating System Integration
When your operating system is capable of something Thunderbird isn’t, we share your frustration. We want things like OS-native progress bars that show you how downloads are going. We’ve started work on OS-native notification actions, like deleting messages. We love how helpful and time-saving this is, and want to expand it to things like calendar reminders.
There’s possibility and limitation in this, thanks to both Firefox and the OS itself. Firefox enables us more than it restricts us. For example, our work on the progress bar comes straight from Firefox code. Though there are some limits, and Thunderbird’s different needs as a mail client sometimes mean we need to improve an aspect of Firefox to enable further development. But the beauty of open source means we can contribute our improvements upstream! The OS often constrains us more. For example, we’d love snoozeable native OS calendar notifications, but they just aren’t possible yet.
Conversation View
We just finished an entire in-person work week focused on this in Vancouver! Conversation view, if you’re not familiar with it, includes ALL messages in a conversation, including your replies and messages moved to different folders. This feature, along with others, depends on having a single database for all messages in Thunderbird. Our current database doesn’t do this; instead, each folder is its own database.
The new SQLite database, which we’re calling Panorama, will enable a true Conversation View. During the work week, we thought about (and visualized) what the UI will look like. Having developers and designers in the same room was incredibly helpful for a complicated change. (Having a gassy Boston Terrier in said room, less so.) The existing code expects the current database, so we’ll have to rebuild a lot and carefully consider our decisions. The switch to the new database will probably occur next year after the Extended Support Release, behind a preference.
This change will help Thunderbird behave like a modern email client! Moving to Panorama will not only move us into the future, but into the present.
Thunderbird Pro Related-Requests
Three Mozilla Connect requests (Expanding Firefox Relay, a paid Mozilla email domain, and a Thunderbird webmail) were all out of our control once. But now, with the upcoming Thunderbird Pro offerings, these all will be possible! We’re even experimenting with a webmail experience for Thundermail, in addition to using Thunderbird (or even another email client if you want.) We’ll have an upcoming State of the Thunder dedicated to Thunderbird Pro with more info and updates!
The SeaMonkey Project is pleased to announce the immediate release of SeaMonkey 2.53.22 Beta 1.
Please checkout [1] and/or [2].
Please also note, just to be explicit, SeaMonkey 2.53.22 Beta 1 dropped support for the x86 binaries (Linux i686 and Win32). So 2.53.21 is the last SeaMonkey version to support Linux i686 and Win32. I actually use both Linux i686 and Win32 binaries, so I’m kinda sad to see them go. Anyone remember the OSX x86 binaries (I think it was called Universal binary). ? C’est la vie, I guess. In one way, this lessens the burden of the devs.
Now it’s all x86_64, baby! x86 binaries have died. Long live x86 binaries!
In response to feedback we’ve heard from the community, AMO (addons.mozilla.org) just introduced a new feature allowing developers the ability to quickly roll back to a previously approved extension version. The most common need for roll-back ability are occasions when developers may release a new version they later discover has critical bugs. Now in such cases, instead of needing to make fast fixes and quickly submit an even newer version, which could be further delayed during a review process, developers are free to revert back to a previously approved version.
For users who may have already installed the buggy version that’s later pulled, the extension will update to the roll-back version when Firefox checks for the next update (which occurs every 24 hours by default, save for users who’ve turned off automatic updates from the Add-ons Manager).
To learn more about the new roll-back feature, please visit Extension Workshop.
Hello wonderful community, it has been a while since the last Mobile update.
A lot has happened in the past 2 months, so let’s jump right into a quick overview of current work in progress and primary efforts.
Account Drawer in progress
If you’re rocking the Beta version of Thunderbird for Android, you might have noticed that all your unified folders have disappeared! Don’t panic, that’s just temporary.
We’re still churning through the technical debt and the database inconsistencies in order to create through virtual unified folders for all your accounts.
The final goal is the same as the one we shared in a previous update, which you can see the final mock-ups here:
Expect more updates in the coming releases.
iOS account setup
The work on the iOS version is moving at full speed!
We found ourselves in a bit of a tight spot due to the recent announcements of Apple with their new iOS 26 version, and a somewhat complete redesign of all the SwiftUI and general Human Interface Guidelines.
When will iOS 26 be widely available and adopted?
Will we have our iOS version of Thunderbird ready before that?
If we build it on current iOS 18 design guidelines, how would that look on the new version?
Will we need to update everything right after releasing the first version?
Due to these uncertainties, we decided to focus only on the new iOS 26 user interface and be compatible with the new version right off the bat.
We will need to test and explore carefully how that behaves on iOS 18 and prior, hoping for some available translation layers in order to guarantee compatibility.
For now, here’s a sneak peek of the Account Setup flow for iOS!
Read/Unread status improvements in Android
As we move through an old codebase and we work hard to modernize components and layouts, it is unfortunately inevitable that we accidentally break old features or setups that are familiar to users.
We apologize for the inconvenience, especially in this latest highlighted issue which created some discomfort when it comes to the visual distinction between read and unread messages.
The old UI offered an option to customize the background color of those states. Even if this solution sounds like a good approach, it created multiple problems related to following system themes, light/dark mode variations, and the overall outdated implementation that needed to be removed.
Some users were dissatisfied, and rightly so, due to the less than optimal visual distinction between those states that solely relied on background colors.
We already improved the overall visual consistency and distinction in that area, but we’re working towards implementing a much clearer visual representation for each state that doesn’t just rely on background colors.
We’re implementing a combination of background and foreground colors, font weight variation, and a visual indicator that specifically represents unread and new messages.
This approach will remove any confusion and hopefully completely fix this problem.
Thank you all those involved for your feedback and concerns, and for using the Beta version to provide early feedback and test the new updates.
A new release cadence
Starting from September, we’re switching to a faster and more consistent release cadence.
The first week of every month we will release a new beta version, for example v13b1, followed by a new incremental beta version with improvements and fixes directly from the main branch, being released every week during that month (eg: v13b2, v13b3, etc).
At the end of that month, the current beta, after being deemed reliable and having passed our QA steps, will be promoted as a stable version and at the same time a new beta branch will be released.
In summary, starting from September you can expect a new stable version and a new beta cycle every month.
Changing our cadence will allow us to expose new and work in progress features more quickly to our beta audience, and shorten the waiting time for users on the stable branch, with smaller and consistent incremental improvements.
Cheers,
—
Alessandro Castellani(he, him) Director, Desktop and Mobile Apps | Mozilla Thunderbird
Welcome back to the latest season of State of the Thunder! After a short break, we’re back and ready to go. Michael Ellis, our Manager of Community Programs, is helping Alessandro with hosting duties. Along with members of the Thunderbird team and community, they’re answering your questions and keeping everyone updated on our roadmap progress for our projects.
In this episode, we’re talking about our initiatives for regular community feedback, tackling a variety of questions, and providing status updates on the top 20-ish Mozilla Connect Thunderbird suggestions.
Community Questions
Accidental Message Order Sorting
Question: Clearly the number one issue with Thunderbird that breaks for many of my clients is that if they accidentally click on a column header the sorting of the message is changed. “My messages are gone” is what I then hear all the time from my clients. It would be wonderful if the sorting of the message could be locked and not changed through such an easy operation, which often is invoked accidentally.
Answer: This is a great usability question and a complicated one. Alessandro recommends switching to CardsView, as it’s harder to accidentally change. This one one of the reasons we implemented it! However, we can definitely explore options to lock the message order in through enterprise policies. We would want to be mindful of users who wanted to change the order.
Michael discusses the option of a pop-up warning that could inform the user they’re about the change the message sorting order. Increased friction through a pop-up, though, as Alessandro and Jesse Miksic from the design team both point out, can cause its own issues. But this is certainly something we’ll look into more!
Move Focus Keyboard Shortcut
Question: Could there be consideration to add a keystroke to immediately move the focus to the list of messages in the currently open mailbox? Even better if keystrokes that would automatically do this for the inbox folder or the default account.
Answer: Alessandro notes Thunderbird already has this ability, but it’s not super noticeable. The F6 key allows you to switch focuses between the main areas of the application. So we’re approaching this problem from two directions: implementing tabular keyboard navigation and customizable shortcuts. We don’t have an expected delivery date on the latter, but we plan to have a searchable keyboard shortcut hub. We know our interface can be a little daunting, and we’re tackling it from multiple angles.
Option for Simplified Thunderbird?
Question: I work for a company which develops a Raspberry Pi-based computer made specific… specifically for blind consumers. Thunderbird is installed on this device by default. Many of our users are not tech-savvy. and just want a simple email client. I would love to have an easy method for removing some of the clutters with the goal of having a UI with fewer controls. Currently, users often have to press the tab key many times just to move to the list of messages in their inbox. For some users, all they really want is the message list and the list of folders, with the menu bar open, and that’s it. A bit like we once had with Outlook Express.
Answer: Alessandro and Ryan Sipes, our director, have talked about the need for a lighter version of Thunderbird a lot. This would help users who don’t need all the power of Thunderbird, and just want to focus on their messages (not even their folders). However, Ryan doesn’t want a separate version of Thunderbird we’d need to maintain, but to build a better usability curve into Thunderbird. Answering this question means having a Thunderbird that is simple by default, but more powerful and customizable if needed, without upsetting our current users.
Heather Ellsworth from the community team also supports the idea of a user preference for a lighter Thunderbird. At conferences and co-working spaces, she constantly hears the requests for a slightly simpler version of Thunderbird.
Thunderbird PPA
Question: I’m using Linux, one of the Ubuntu-derived flavors. And I have Thunderbird 128.14 ESR installed through the Mozilla Team PPA. I would love to know when the ESR version of 140 will be available in this PPA.
Answer: Heather, who works a lot with Linux packaging, takes this question. This PPA isn’t an official distribution channel for Thunderbird, which leads to some confusion. Our official Linux packages are the Snap and flatpak, and the tarball available on our website. A community member named Rico, whose handle is ricotz, maintains this PPA. In the PPA, you can click on his name to learn how to contact him for question like this.
Top 20-ish Mozilla Connect Posts
If you’ve ever posted an idea to make Thunderbird better in a blog comment, social media post, or a SUMO (Mozilla Support) thread, you’ve probably been prompted to share your suggestion on Mozilla Connect. This helps us keep our community feedback in one place, which helps our team prioritize features the community wants!
Where we’re falling short, however, is keeping the community updated on the progress of their suggestions. With a dedicated community team, this is something we can do better! Right now, we’d like to provide a quick status update on the top 20-ish Mozilla Connect posts related to Thunderbird.
We implemented this in the Daily build of the desktop app last year, using a staging environment for Firefox Sync. But Firefox Sync is called Firefox Sync because it’s built for Firefox. Thunderbird profiles, in comparison, have a lot more data points. This meant we had to build something completely different.
As we started to spin up Thunderbird Pro, we decided it made more sense to have a Thunderbird account that would manage everything, including Sync. Unfortunately, this meant a lot of delays. So Sync is still on our radar, and we hope to have it next year, barring further complications.
Yes, we’re working on this, starting with native desktop notifications. Ideally, we want to be integrated with more Linux desktop environments through expanded native APIs.
We’re already adopting opt-in telemetry for an upcoming release of Thunderbird for Android, and we want to make this the default for desktop in the future. While desktop is currently opt-out, Alessandro stresses we only have a few limited telemetry probes for desktop Thunderbird. And those probes can show how the majority of users are using the app and help us avoid bad UX choices.
Exploring this is low on our list right now. This is both because of performance concerns and we want to be very cautious with anything concerning machine learning, which includes translation.
Anxious to know the rest of the top 20 Mozilla Connect posts? Join us on Tuesday, September 16 at 3 PM Pacific (22:00 UTC)! Find out how to join on the TB Planning mailing list. We think this will be a great season and who knows, by the end of it, we may even have a jingle. See you next time!
The promise of an open and competitive internet hangs in the balance. From the future of AI agents to the underappreciated role of browsers and browser engines, the technological landscape continues to evolve. Getting the regulatory and enforcement backdrop right is critical: from competition bills in Congress to the EU’s DMA, the stakes for innovation, privacy and consumer choice have never been higher.
Welcome back to another edition of the Community Office Hours! This month, we’re taking a closer look at accessibility in the Thunderbird desktop and mobile apps. We’re chatting with Rebecca Taylor and Solange Valverde, members of our designer, about a recent accessibility (often shortened as a11y) study. We wanted to find out where Thunderbird was doing well, and where we could improve. Rebecca and Solange walk us through the study and answer our questions!
We’ll be back next month with the latest Community Office Hours! If you have a suggestion for a topic or team you’d love us to cover, please let us know in the comments!
August Office Hours: Thunderbird Accessibility Study
The Thunderbird Team wants to make desktop and mobile apps that maximizes everyone’s productivity and freedom. This means making Thunderbird accessible for all of our users, and the first step is finding where we can do better. Thanks to our relationship with Mozilla, our design team commissioned a study with Fable, who connects companies building inclusive products to experienced testers with disabilities. We asked participants to evaluate the Thunderbird desktop app using assistive tech, including screen readers, alternative navigation, and magnification. And we also asked a user on the cognitive spectrum to evaluate how our language, layouts, and reminders helped or hindered their use of the app.
Members of the design team then conducted 60 minute moderated interviews with study participants. In these talks, participants pointed out where they struggled with accessibility roadblocks, and what strategies they used to try and work through them.
Screen Reader Users
Screen readers convert on-screen text to either speech or Braille, and help blind or low-vision users navigate and access digital content. Our study participants, many of whom switch between multiple screen readers, let us know where Thunderbird falls short.
Some issues were common to all screen readers. Keyboard shortcuts didn’t follow common norms, and workflows in search and filter results made for a confusing experience. Thunderbird could benefit from a table view with ARIA, a W3C specification created to improve accessibility.
Other issues were specific to the individual screen reader programs. In Narrator, for example, expected confirmation for actions like moving messages was missing, and the screen reader didn’t recognize menu stage changes in submenus. In JAWS, meanwhile, message bodies were unreadable in email and compose windows with Braille display, and filter menus opened silently, not announcing the content or state to the user. Finally, with NVDA, users noted confusing structures and organization that lacked the structure and context they expected, as well as poor content prioritization.
Cognitive Usability
In a previous office hours, we talked about how we wanted to make Thunderbird more cognitively accessible with our work on the Message Context Menu. Cognition relates to how we think, learn, understand, remember, and pay attention, and clear language, regular layouts, and meaningful reminders all improve cognitive accessibility. Our cognitive accessibility tester expressed concerns about a lack of a quick, non-technical setup, imbalances in our whitespace, and unpredictable layout controls, among other issues.
Alternative Navigation and Magnification
Our alternative navigation users tested how well they could use Thunderbird with voice controls and eye tracking software. Our voice control testers found room for improvement with menu action labels, better autofocus shift when scrolling through emails, and a larger font size for more comfortable voice-driven use. Likewise, our eye tracking software tester found issues with font sizes. They also noted concerns with composition workflow and focus, too-small controls, and a drag-and-drop bug.
Our magnification tester found where we could improve visual contrast and pane layouts. They also found off-screen elements could steal focus from new messages, and that folder paths and hierarchies could use more clarification.
Conclusions and Next Steps
We’re incredibly grateful for the insights we learned from this study on the many aspects of accessibility we want to improve in all of our apps. We want to thank Mozilla for their helping us take the next step in accessibility research, and Fable for providing a fantastic platform for accessibility testing. We’re also so grateful to our study participants for all their time and sharing their perspectives, concerns, and insights.
This is far from the end of our accessibility journey. We’re looking forward to working what we learned in this study into deeper research and ultimately our desktop roadmap. We can’t wait to start accessibility research on our mobile apps. And we hope this study can help other open source projects start their own accessibility research to improve their projects.
One way you can get involved is to report accessibility bugs on the desktop app. Go to the Thunderbird section on Bugzilla, and under ‘Component’ select ‘Disability Access.’ Additionally, click ‘Show Advanced Fields’ and enter ‘access’ into the ‘Details > Keywords’ section. Add screenshots when possible. Be sure to describe the bug so others can try and reproduce the it for better troubleshooting.
If you want to learn more about our accessibility efforts, please join our User Experience mailing list! If you think you’re ready to get involved, please join our dedicated Matrix channel. We hope you help us make Thunderbird available, and accessible, everywhere!
We’re back with another exciting Monthly Release recap! Thunderbird 142.0 brings a host of user-requested features and important bug fixes that make your email experience smoother and more reliable. From better folder management to smarter PDF handling, this release focuses on the details that matter most to your daily workflow.
A quick reminder – these updates are for users on our monthly Thunderbird Release channel. For our users still on the ESR (Extended Standard Release) channel, these updates won’t land until next July 2026. For more information on the differences between the channels and how to make the switch:
Ever tweaked your folder order and wished you could start fresh? We hear you! Thunderbird 142 introduces a simple way to reset your folder sorting back to defaults.
Benefits:
The new Reset Folder Order option lets users right‑click an account in the Folder Pane to instantly clear any custom sorting.
Provides a quick clean slate and avoids manually dragging folders back to default positions.
Note: This feature resets sorting order but doesn’t restore folders that were moved inside different parent folders.
Thunderbird now lets you add visual signatures to PDF attachments opened inside the app. This update brings Thunderbird in line with modern PDF functionality, making it easier to handle contracts, forms, and other documents without leaving your inbox.
Benefits:
Add a handwritten-style visual signature directly in Thunderbird.
No need for external tools to sign simple PDF documents.
Keeps everyday document handling faster and more convenient.
New add-on API support for OAuth client registration now allows developers and organizations to add custom OAuth providers at runtime. Instead of requiring changes in Thunderbird’s core code, an add-on can handle the setup.
Benefits:
Supports custom OAuth providers through add-ons.
Works with enterprise policies for organizational deployments.
Simplifies integration with unique authentication systems.
Your focus time is sacred, and Thunderbird now honors that across all operating systems.
Benefits:
Native OS notifications now respect the “Do Not Disturb” setting of every operating system, including blocking calendar reminders and chat notification sounds.
Delivers protected focus time and consistent behavior with other applications.
Reading flow is now smoother when switching between light and dark message modes. An issue was reported where toggling the setting in the message header would reset your scroll position and pull focus away from the message body.
Benefits:
Keep your scroll position in the message when switching between light and dark mode so you can continue reading without interruption.
Retain focus on the message body for easier keyboard navigation.
Reduce extra clicks and scrolling, making reading more seamless.
Unwanted scrolling of the message list that happened when returning to the Mail tab after opening a message is now a thing of the past. Instead of jumping to the top and slowly scrolling back down, the list now stays put.
Benefits:
Keep your place in the message list when switching tabs.
Thunderbird now correctly reloads PDF attachments that were left open in tabs when you restart the app. Previously, these tabs would fail to open and display an error, forcing you to reload them manually.
Benefits:
Open PDF attachments are restored automatically on startup.
In April of this year we announced Thunderbird Pro, additional subscription services from Thunderbird meant to help you get more done with the app you already use and love. These services include a first ever email service from Thunderbird, called Thundermail. They also include Appointment, for scheduling meetings and appointments and Send, an end-to-end encrypted filesharing tool. Each of these services are open source, repositories are linked down below.
Thunderbird Pro services are being built as part of the broader Thunderbird product ecosystem. These services are enhancements to the current Thunderbird application experience. They are optional, designed to enhance productivity for users who need features like scheduling, file sharing and email hosting, without relying on the alternate platforms. For users who opt in, the goal is for these services to be smoothly integrated into the Thunderbird app, providing a natural extension of the familiar experience they already enjoy, enhanced with additional capabilities they may be looking for. For updates on Thunderbird Pro development and beta access availability, sign up for the mailing list at thundermail.com.
Progress So Far
Thundermail
Development has been moving steadily forward and community interest in Thundermail has been strong. The upcoming email hosting service from Thunderbird will support IMAP, SMTP and JMAP out of the box, making it compatible with the Thunderbird app and many other email clients. If you have your own domain, you’ll be able to bring it in and host it with us. Alternatively, grab an email address provided by Thunderbird with your choice of @thundermail.com or @tb.pro as the domains. The servers hosting Thundermail will initially be located in Germany with more countries to follow in the future. Thunderbird’s investment in offering an email service reflects our broader goal of strengthening support for open standards and giving users the option to keep their entire email experience within Thunderbird.
We originally developed the scheduling tool as a standalone web app. On the current roadmap, however, we’re tightly integrating Appointment into the Thunderbird app through the compose window, allowing users to insert scheduling links without leaving the email workflow. It will be easy for organizations and individuals to self-host, fork and adapt the tool to their own needs. The future is for Appointment to support multiple meeting types, like Zoom calls, phone meetings, or in-person coffee chats. Each of these will have its own settings and scheduling rules.
One of the most requested future features is group scheduling, which would allow multiple team members to offer shared availability via a single link. The current calendar protocols don’t fully support this flow, however Thunderbird is participating in discussions around open standards like VPOLL to help move things forward. Usability studies are helping refine the MVP and community feedback is shaping the roadmap.
A secure, end-to-end encrypted file sharing tool, built on Thunderbird app’s existing Filelink feature. It supports large file transfers directly from the email client. This allows users to bypass platforms like Google Drive or OneDrive. Pro users will receive 500 GB of storage to start, with no individual file size limit, only constrained by their total quota. We’re planning support for chunked uploads and encryption to ensure reliability and data protection. We’ll deliver Send as a system add-on which lets the team push updates faster. This also avoids locking new capabilities behind major Thunderbird release cycles.
All Thunderbird Pro tools are open source and self-hostable. For users who prefer to run their own infrastructure or work in regulated environments, both Send and Appointment can be deployed independently. Thunderbird will continue to support these users with documentation and open APIs.
A Look Ahead
Thunderbird is exploring additional Pro features beyond the current lineup. While we’ve made no commitments yet, there is strong interest in adding markdown based Notes functionality, especially as lightweight personal knowledge management becomes more popular. Heavier lifts like collaborative docs or spreadsheets may follow, depending on adoption and sustainability.
Another worthy mention: a fourth, previously announced service called Assist, which will eventually enable users to take advantage of AI features in their day-to-day email tasks, is still in the research and development phase. It will not be part of the initial lineup of services. This initiative is a bigger undertaking as we ensure we get it right for user privacy and make sure the features included are actually things our users want. More to come on this as the project progresses.
To improve transparency and invite community collaboration, Thunderbird is also preparing a public roadmap covering desktop, mobile and Pro services. We’re developing the roadmap in collaboration with the Thunderbird Council. Our goal is to encourage participation from contributors and users alike.
Free vs Paid
Adding these additional subscription services will never compromise the features, stability or functionality our users are accustomed to in the free Thunderbird desktop and mobile applications. These services come with real costs, especially storage and bandwidth. Charging for them helps ensure that users who benefit from these tools help cover their cost, instead of donors footing the bill.
Thunderbird Pro is a completely optional suite of (open source) services designed to provide additional productivity capabilities to the Thunderbird app and never to replace them. The current Thunderbird desktop and mobile applications are, and always will be, free. They will still heavily rely on ongoing donations for both development and independence.
If you haven’t already, join our waiting list to be one of the early beta testers for Thunderbird Pro. While we don’t have a specific timeline just yet, we will be sharing ongoing updates as development progresses.
—
Ryan Sipes Managing Director, Product Mozilla Thunderbird
Firefox is now the first and the only browser to deploy fast and comprehensive certificate revocation checking that does not reveal your browsing activity to anyone (not even to Mozilla).
Tens of millions of TLS server certificates are issued each day to secure communications between browsers and websites. These certificates are the cornerstones of ubiquitous encryption and a key part of our vision for the web. While a certificate can be valid for up to 398 days, it can also be revoked at any point in its lifetime. A revoked certificate poses a serious security risk and should not be trusted to authenticate a server.
Identifying a revoked certificate is difficult because information needs to flow from the certificate’s issuer out to each browser. There are basically two ways to handle this. The browser either needs to ask an authority in real time about each certificate that it encounters, or it needs to maintain a frequently-updated list of revoked certificates. Firefox’s new mechanism, CRLite, has made the latter strategy feasible for the first time.
With CRLite, Firefox periodically downloads a compact encoding of the set of all revoked certificates that appear in Certificate Transparency logs. Firefox stores this encoding locally, updates it every 12 hours, and queries it privately every time a new TLS connection is created.
You may have heard that revocation is broken or that revocation doesn’t work. For a long time, the web was stuck with bad tradeoffs between security, privacy, and reliability in this space. That’s no longer the case. We enabled CRLite for all Firefox desktop (Windows, Linux, MacOS) users starting in Firefox 137, and we have seen that it makes revocation checking functional, reliable, and performant. We are hopeful that we can replicate our success in other, more constrained, environments as well.
Better privacy and performance
Prior to version 137, Firefox used the Online Certificate Status Protocol (OCSP) to ask authorities about revocation statuses in real time. Certificate authorities are no longer required to support OCSP, and some major certificate authorities have already announced their intention to wind down their OCSP services. There are several reasons for this, but the foremost is that OCSP is a privacy leak. When a user asks an OCSP server about a certificate, they reveal to the server that they intend to visit a certain domain. Since OCSP requests are typically made over unencrypted HTTP, this information is also leaked to all on-path observers.
Having gained confidence in the robustness, accuracy and performance of our CRLite implementation, we will be disabling OCSP for domain validated certificates in Firefox 142. Sealing the OCSP privacy leak complements our ongoing efforts to encrypt everything on the internet by rolling out HTTPS-First, DNS over HTTPS, and Encrypted Client Hello.
Disabling OCSP also has performance benefits: we have found that OCSP requests block the TLS handshake for 100 ms at the median. As we rolled out CRLite, we saw notable improvements in TLS handshake times.
Bandwidth requirements of CRLite
Users with CRLite download an average of 300 kB of revocation data per day: a 4 MB snapshot every 45 days and a sequence of “delta updates” in-between. (The exact sizes of snapshots and delta updates fluctuate day by day. You can explore the real data on our dashboard.)
To get a sense for how compact CRLite artifacts are, let’s compare them with Certificate Revocation Lists (CRLs). A CRL is a list of serial numbers that each identify a revoked certificate from a single issuer. Certificate authorities in Mozilla’s root store have disclosed approximately three thousand active CRLs to the Common CA Database. In total, these three thousand CRLs are 300 MB in size, and the only way to keep a copy of them up-to-date is to redownload them regularly. CRLite encodes the same dynamic set of revoked certificates in 300 kB per day. In other words, CRLite is onethousand times more bandwidth-efficient than daily CRL downloads.
Of course, no browser is performing daily downloads of all CRLs. For a more meaningful comparison, we can consider Chrome’s CRLSets. These are hand-picked sets of revocations that are delivered to Chrome users daily. Recent CRLSets weigh in at 600 kB and include about 1% of all revocations (thirty-five thousand of the four million total). Firefox’s CRLite implementation uses half the bandwidth, updates twice as frequently, and includes all revocations.
Including all revocations is essential for security as there is no reliable way today to distinguish security-critical revocations from administrative revocations. Roughly half of all revocations are made without a specified reason code, and some of these revocations are likely due to security concerns that the certificate’s owner did not wish to highlight. When reason codes are used, they are often used in an ambiguous way that does not clearly map to security risk. In this environment, the only secure approach is to check all revocations, which is now possible with CRLite.
State-of-the-art blocklist technology
You may recall a seriesofblogposts on our experiments with CRLite back in 2020. We followed these experiments with successful deployments to Nightly, Beta, and 1% of Release users. But the bandwidth requirements for this early CRLite design turned out to be prohibitive.
We solved our bandwidth issue by developing a novel data structure—the “Clubcard” set membership test. Where the original CRLite design used a “multi-level cascades of Bloom filters”, Clubcard-based CRLite uses a “partitioned two-level cascade of Ribbon filters”. The “two-level cascade” idea was presented by Mike Hamburg at RWC 2022, and “partitioning” is an innovation of our own that we presented in a paper at IEEE S&P 2025 and a talk at RWC 2025.
Future improvements
We are working on making CRLite even more bandwidth efficient. We are developing new Clubcard partitioning strategies that will compress mass revocation events more efficiently. We are also integrating support for the HTTP compression dictionary transport, which will further compress delta updates. And we have successfully advocated for shorter certificate validity periods, which will reduce the number of CRLite artifacts that need to encode any given revocation. With these enhancements, we expect the bandwidth requirements of CRLite to trend down over the coming years, even as the TLS ecosystem itself continues to grow.
Our Clubcard blocklist library, our instantiation of Clubcards for CRLite, and our CRLite backend are freely available for anyone to use. We hope that our success in building fast, private, and comprehensive revocation checking for Firefox will encourage other software vendors to adopt this technology.
At Firefox, we deeply value the incredible contributions of our add-ons developer community. Your creativity and innovation are instrumental in making Firefox a more personalized and powerful browsing experience for millions of users worldwide.
Today, we’re thrilled to announce a new program designed to recognize and celebrate the developers who have made an outstanding impact on our ecosystem: the Firefox Extension Developer Awards Program!
Extensions play a vital role in enhancing the Firefox user experience. Almost 40% of Firefox users have installed at least one add-on, making it clear that our thriving ecosystem, supported by 10,000 active developers, is an essential component of the Firefox experience. While all developers contribute to the diversity and depth of the ecosystem, there are a number of popular extensions responsible for significant positive impact. This program aims to acknowledge and reward these developers for their significant contributions.
The Awards: A Token of Our Appreciation
Inspired by programs like YouTube’s creator awards, we’ve partnered with Aparat Design, to create a unique Mozilla inspired trophy for eligible award recipients.The award will be engraved with the name of the extension and finished with a different color based on the milestone it has achieved. This is a unique and exclusive opportunity available only to Firefox extension developers.
Milestone Tier
Average Daily Active Users
Platinum
Over 10 million
Gold
Over 5 million
Silver
Over 1 million
Bronze
Over 500,000
How the program works
All Firefox extensions listed on AMO (addons.mozilla.org) are eligible for an award, so long as requisite user thresholds are reached and the content is compliant with Add-on Policies.
Each quarter, our team will identify new extensions that meet the award criteria and maintain a good standing with Firefox.
We’re incredibly excited about the Firefox Extension Developer Awards Program and look forward to celebrating your achievements! Stay tuned to this very blog for the announcement of our inaugural round of award recipients.
Across the internet, users rely on browsers and extensions to shape how they experience the web: to protect their privacy, improve accessibility, block harmful or intrusive content, and take control over what they see. But a recent ruling from Germany’s Federal Supreme Court risks turning one of these essential tools, the ad blocker, into a copyright liability — and in doing so, threatens the broader principle of user choice online.
Imagine you are watching television and you go to the kitchen for a snack during an ad break. Or you press the fast-forward button to skip some ads while listening to a podcast. Or perhaps you get a newspaper delivered to your house, and you see that it includes a special section made up of hallucinated AI content, so you drop the inset into the trash before taking the rest of the paper inside. Were these acts of copyright infringement? Of course not. But if you do something like this with a browser extension, a recent decision from the German Federal Supreme Court suggests that maybe you did infringe copyright. This misguided logic risks user freedom, privacy, and security.
There are many reasons, in addition to ad blocking, that users might want their browser or a browser extension to alter a webpage. These include changes to improveaccessibility, to evaluate accessibility, or to protectprivacy. Indeed, the risks of browsing range from phishing, to malicious code execution, to invasive tracking, to fingerprinting, to more mundane harms like inefficient website elements that waste processing resources. Users should be equipped with browsers and browser extensions that give them both protection and choice in the face of these risks. A browser that inflexibly ran any code served to the user would be an extraordinarily dangerous piece of software. Ad blockers are just one piece of this puzzle, but they are an important way that users can customize their experience and lower risks to their security and privacy.
The recent court ruling is the latest development in a legal battle between publisher Axel Springer and Eyeo (the maker of Adblock Plus) that has been winding its way around the German legal system for more than a decade. The litigation has included both competition and copyright claims. Until now Eyeo has largely prevailed and the legality of ad blockers has been upheld. Most significantly, in 2022, the Hamburg appeal court ruled that Adblock Plus did not infringe the copyright of websites but rather was merely facilitating a choice by users about how they wished their browser to render the page.
Unfortunately, on July 31, the German Federal Supreme Court partially overturned the decision of the Hamburg court and remanded the case for further proceedings. The BGH (as the Federal Supreme Court is known) called for a new hearing so that the Hamburg court can provide more detail regarding which part of the website (such as bytecode or object code) is altered by ad blockers, whether this code is protected by copyright, and under what conditions the interference might be justified.
The full impact of this latest development is still unclear. The BGH will issue a more detailed written ruling explaining its decision. Meanwhile, the case has now returned to the lower court for additional fact-finding. It could be a couple more years until we have a clear answer. We hope that the courts ultimately reach the same sensible conclusion and allow users to install ad blockers.
We sincerely hope that Germany does not become the second jurisdiction (after China) to ban ad blockers. This will significantly limit users’ ability to control their online environment and potentially open the door to similar restrictions elsewhere. Such a precedent could embolden legal challenges against other extensions that protect privacy, enhance accessibility, or improve security. Over time, this could deter innovation in these areas, pressure browser vendors to limit extension functionality, and shift the internet away from its open, user-driven nature toward one with reduced flexibility, innovation, and control for users.
Hello again from the Thunderbird development team! As the northern hemisphere rolls into late summer and the last of the vacation photos trickle into our chat channels, the team is balancing maintenance sprints with ongoing feature-related projects. Whether you’re basking in the sun or bundled up for a southern winter, we’ve got plenty to share about what’s been happening behind the scenes, and what’s coming next.
Exchange support
It’s been a whirlwind of progress since our last update and with the expanded team collaborating regularly. It has felt like we’ve hit our stride and the finish line is in sight. Driven by a dramatic increase in automated test coverage, the team has been able to detect gaps and edge cases to help improve many areas of the existing code, and close out a good number of bugs.
As we ready the feature set for wider release, we’ve taken the opportunity to revisit the backlog and feel confident enough with our pace to prioritize a few features and address them sooner than originally planned.
The July roadmap worked out very well, with our planned features landing and a number of bonus items also complete:
Automated test coverage
Message filtering
Setting as Junk/Not Junk
Remote content display/blocking
Callback modernization/simplification
Propagation of certificate and connection errors
Archiving
Saving Drafts
Back-off handling
Items we’ve prioritized for the next few weeks are:
A few users have reported issues following end user adoption of this feature, so we’re addressing these while finalizing Account Hub for Address Book items, such as LDAP configuration. The team is also planning the implementation of telemetry which will help us determine areas for improvement in this important part of the application.
Global Message Database [Panorama]
The team has been focused on Exchange implementation and larger scale refactoring which isn’t directly tied to this project, so no updates to note here. The next time I write will be during a work week that has been dedicated to “Conversation View”, which is one of the key drivers for our database overhaul. Stay tuned for updates and decisions coming out of that collaboration.
To follow their progress, take a look at the meta bug dependency tree. The team also maintains documentation in Sourcedocs which are visible here.
Maintenance, Recent Features and Fixes
August is set aside as a focus for maintenance, with half our team dedicated to inglorious yet important items from our roadmap. In addition to these items, we’ve had help from the development community to deliver a variety of improvements over the past month:
If you would like to see new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
Saturday, August 2, marked the first anniversary of the entry into force of the EU AI Act, the EU’s contested landmark legislation putting in place rules for AI sold and deployed on its internal market. With a staggered timeline for when different rules take effect, Mozilla continues its work to ensure that the law’s implementation is a success.
Beginning last week, the AI Act imposes new obligations for the developers of so-called “general-purpose AI models” (GPAI), that is, large AI models like OpenAI’s GPT, Google’s Gemini, or xAI’s Grok models (often also refered to as “foundation models”). Mozilla has long advocated for such rules to be included in the AI Act to ensure that large AI labs must play their part in making the technology they develop safer and more transparent and that due diligence obligations are not entirely passed down the value chain to smaller developers and deployers. These new rules include new transparency and disclosure mandates as well as obligations relating to GPAI developers safety and security practices.
To mark the occasion, Mozilla, in partnership with Hugging Face and Linux Foundation, published a guide for open-source AI developers aiming to help them navigate these rules. Amongst other questions, the guide explains what exactly constitutes a GPAI model or a “GPAI model with systemic risk”, what obligations developers need to meet, and when they might benefit from the AI Act’s exemptions for open-source AI. It builds on and synthesizes the recently adopted Code of Practice for GPAI developers as well as the European Commission’ newly published GPAI guidelines. The guide also includes an interactive flowchart meant to help developers on their AI Act “user journey”. This builds on Mozilla’s long-standing work advocating for better conditions for open-source AI development, including our advocacy to ensure that open-source developers receive proportionate treatment under the AI Act.
In addition, in late July, the European Commission also published a template for the “sufficiently detailed summary” that GPAI developers are now mandated to publish about the data used to train their AI models. While the template falls short of expectations in many respects, it does in parts mirror recommendations made by Mozilla building onour workin partnership with Open Future over the past year.
With additional rules taking effect over the course of the coming years and the European Commission building up its capacity to enforce them, work on the AI Act is not over — it is entering a new phase. Amid discussions of regulatory simplification, a potential revision of the AI Act in the context of the EU’s omnibus, and calls to “stop the clock” on enforcing the AI Act, Mozilla will continue its work to help make the AI Act’s implementation a success. This is grounded in our conviction that good regulation and innovation aren’t inherently contradictory, but rather complements when it comes to steering innovation in a direction that is beneficial to all.
David Allen’s “Getting Thing Done” (GTD) system has been around for longer than Thunderbird! First published in a book of the same name in 2001, this approach to productivity is focused on freeing your brain from chaos, giving it “focus, clarity, and confidence” for creativity and new ideas. As I’m also a fan of freedom from chaos, I decided to dive back into our productivity blogs and highlight how to use tags and keyboard shortcuts to use GTD in Thunderbird.
Five Steps to Get Things Done
To start, let’s summarize the GTD system, for anyone who might not be familiar. GTD uses five key steps to go from unorganized to unstoppable, whether in your inbox or elsewhere: Capture, Clarify, Organize, Reflect, and Engage.
Let’s think about these steps in terms of managing your inbox! First, Capturing involves collecting the things that have your attention. In other instances, this could mean brainstorming a to-do list. For email, this means your inbox. Clarifying entails taking those items and figuring out what they mean. For the Getting Things Done system, you need to figure out if you can act on something (for example, an email) or not. If it’s not actionable, where does it needs to go Is this reference? Is this on hold for some reason? Or can it just go in the trash?
Once this clarifying is done, it’s time to Organize, aka putting the things that have your attention or reminders of them in a place you can act on, whether that’s now or later. Reflecting isn’t a one-time step, but something you do consistently to fine-tune your system and make sure it’s still working for you.
All of these steps make the last step, Engaging, possible. You have a system you can trust, honed through reflection. Your inbox management system is like a starship where everything and everyone is working together, efficiently and effectively. This frees up your brain so your brain can soar through a cosmos of deep, interesting, meaningful work. Maybe while drinking a cup of tea, Earl Grey, hot.
Using Tags and Keyboard Shortcuts to Clarify and Organize Your Inbox
Adapting the GTD system to your Thunderbird inbox takes advantages of two features I am coming to love: labels and keyboard shortcuts.
I’m going to suggest three initial labels, and a few possibilities for labels for non-actionable emails, and walk you through how to set up the labels and use the keyboard shortcuts to apply them – with screenshots!
First, go into Settings > General > Tags to create/adjust your tags. The four example tags we set are “Do Now,” “Do,” “Waiting For,” and “Later.”
Wait, why have a “Do Now” and “Do” tag? This tip came from Henk Postma’s blog, who gave me a lot of inspiration. “Do Now” is urgent, and it needs doing without delay. “Do” doesn’t have this urgency, but the email is actionable.
The “Waiting For” label means there’s something you need to act on this email. Maybe it’s more information, or permission. This label can keep hold those emails until you’re ready. The “Later” tag is a bit of a catch-all. Like reference information, or things you’re interested in but can’t pursue yet. Maybe you want to break down your “Later” labels. The choice is yours!
Now that we have our labels set up, and associated with a number, we’re ready to start organizing. Once a message comes in, click the number for the tag you want. If you accidentally press the wrong number, don’t worry! Just press ‘0’ to clear whatever label you applied.
And that’s it! Well, except putting your system into practice, and David Allen has some further advice on using GTD in your inbox. If you have any tips on how you make your email organization a habit and not an afterthought, I’d love to hear them! As always, if there’s a productivity topic you’d like me to explore, let me know in the comments!
The developer community should be aware we’ve detected a phishing campaign targeting AMO (addons.mozilla.org) accounts. Add-on developers should exercise extreme caution and scrutiny when receiving emails claiming to be from Mozilla/AMO. Phishing emails typically state some variation of the message “Your Mozilla Add-ons account requires an update to continue accessing developer features.”
In order to protect yourself and keep your AMO account secure, we strongly recommend that you:
Do not click any links in the email.
Verify the email was sent by a Mozilla-owned domain: firefox.com, mozilla.com, mozilla.org, mozillafoundation.org (or their subdomains).
Ensure that the email passes SPF, DKIM, and DMARC checks (consult your email provider and/or email client’s support documentation for details).
Validate that links in the email point to firefox.com, mozilla.com, mozilla.org, mozillafoundation.org (or their subdomains) before opening them; even better, navigate directly to these domains rather than clicking a link via email.
Only enter your Mozilla username and password on Mozilla-owned domains.
We’re launching a brand new series that will highlight features and improvements with Thunderbird 141.0 – your front row ticket to Thunderbird’s monthly enhancements! (No more waiting in the wings so to speak). Learn what’s new, why it matters, and how it’ll transform your inbox experience.
In March, we introduced a new monthly Release channel and swapped it as the default option on the Thunderbird.net downloads page.
As a quick refresher, Thunderbird now offers two core release channel options:
Release Channel: Updated monthly with new features, performance boosts, and bug fixes as they land.
ESR (Extended Support Release): Receives all of the above in one major annual update, focusing on stability, with point security and stability patches in between.
While both versions are equally stable, the Release channel provides faster access to cutting-edge tools and optimizations, while the ESR channel may provide more stability when using add-ons with Thunderbird.
Feedback on the Release channel has been overwhelmingly positive, with many users transitioning from ESR. To join them:
Now that we’ve gotten the formalities out of the way, let’s jump in to what’s new in 141.0!
New Features
Warning for Expiring PGP Keys
Thunderbird loves PGP like cats adore cardboard boxes! We prioritize user trust by making end-to-end encrypted email simple for everyone, from newcomers to experienced users. To help you get started or refresh your knowledge, our team and volunteers have written an excellent introduction to the topic, as well as a How-to and FAQ.
Key expiration serves as a security safeguard, requiring proactive renewal procedures that reinforce operational encryption competencies.
What changed:
Your warning light is lit: If your public key expires in 31 days, Thunderbird now flashes a red alert in the compose window. No post-expiry panic!
Why it matters:
Safety net: A key that auto-expires nudges you to refresh it.
Piece of mind: Before Thunderbird told you after-the-fact your key died. Now? Your inbox is proactive.
Archive from OS Notifications
The improvements to native notifications keep coming. Now, in addition to deleting a message, marking it as spam, or starring it, you can archive a message directly from your operating system’s notifications.
By default, the notifications you see include “Mark as Read” and “Delete”, however they can be customized further by going to Thunderbird Settings → General→ Incoming Mails and clicking on Customize.
Here you can select the information you want to see in your notification, as well as the actions you’d like to perform with it.
What changed:
New mail notifications have added the ‘Archive’ action.
Why it matters:
No need to go into the Thunderbird app to archive an incoming email now. More actions in notifications give you time to do the things you want, instead of managing your inbox.
Bug Fixes
Prioritize Link Hover URL in Status Bar
Thunderbird includes numerous features to protect you from suspicious mail and bad actors. One of these tools involves checking the URL of a link by hovering your mouse over the link text. The status bar would display the link URL, but it could be overwritten in fractions of a second by “Downloading message” and “Opening folder” messages. We’ve fixed this, and now the URL you’re hovering over will get priority in the status bar.
What changed:
Hovering over a link in an email will display it in the status bar without being immediately overwritten by other messages.
Why it matters:
Knowing where an email wants to send you is a major security boost, especially with the widespread threat of phishing emails.
Dots, Dashes, and Advanced Address Book Search
Three months ago, a community member noted that while the CardBook add-on could find phone numbers that used dots for separators, the Advanced Address Book Search in Thunderbird could not. Since we want users to be able to find contacts, and use the phone number formatting they want as well, we’ve built this ability into Thunderbird.
What changed:
The advanced address book in Thunderbird now recognizes phone numbers that use dots for separators.
Why it matters:
Saves time: Finds contacts faster and more accurately, no matter their format or storage location, eliminating need for manual cleanup or repeat searches.
Performance Improvements
Message List Scroll
To address message list scrolling performance, we adjusted how new rows are rendered but inadvertently introduced display delays. We’re reverting to the original row-handling method to properly assess performance impact before considering this change for Extended Support Release adoption. This allows precise measurement of optimizations against potential trade-offs, ensuring reliable performance in production environments.
What changed:
Reverting back to the previous method for how rows are updated.
Why it matters:
To accurately measure how the update affects scrolling performance before considering inclusion in an ESR.
Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.
Are you a locale leader and want us to include new members in our upcoming reports? Contact us!
What’s new or coming up in Firefox desktop
Where’s Firefox Going Next?
Before getting into all the new features that recently landed in Nightly, we’re trying something new and would love your help. Check out this thread over on Mozilla Connect where you can help Firefox’s product managers plan their upcoming AMA (Ask Me Anything) by letting them know what you’ve always wanted to ask the Firefox team and which topics should be covered during the AMA.
Trust Panel
Available to translate and test in Nightly, the trust panel is a new feature designed to communicate to users what Firefox is doing to protect their privacy in friendly and easy to understand language. To check the feature out and review your translations, make sure to update your Nightly to the latest version (143) then navigate to “about:config” by typing it into your URL bar, click past the warning, then search browser.urlbar.trustPanel.featureGate and toggle the value to true.
Navigate to a website and the icon will appear on the side of your URL bar.
Clicking on it will show you the trust panel with a friendly Firefox letting you know you’re protected!
Profile Icons
Also recently landed was a large number of strings related to icons users can set as part of the recently added profiles feature. While we tried to make the comments as helpful as possible, there’s no substitute for seeing the image in context. You can check the icons out within Nightly yourself by editing or creating a new profile by clicking the Account button on your toolbar and selecting the Profiles menu. Or, you can refer to the following image with a screenshot and the associated name used in the string IDs.
Text Fragments
You can now test the text fragments creation UI (these strings were added a few months back, but they have just been activated in Firefox Nightly). This feature allows you to share/reference a link anchor to any text snippet in a page. See the team’s post about this feature here.
What’s new or coming up in mobile
The menu settings on Firefox for Android and iOS are being redesigned, which requires updates to some strings. Stay tuned as more are coming in!
What’s new or coming up in web projects
Firefox.com
The new Firefox.com site officially launched earlier this month following a soft launch period, which allowed time to identify and resolve any initial issues. Thank you to everyone who reported bugs during that time. Most of the content on the new site was copied from Mozilla.org. However, the team plans to remove duplicated pages over the next few months except for a few that will remain on both sites, such as the Thank You page. More substantial updates are planned for later this year and beyond.
What’s new or coming up in Pontoon
Unified plurals UI
We’ve updated how plural gettext (.po) messages are handled in Pontoon. Specifically, they now use the same UI we’ve already been using for Fluent strings.
We’d really appreciate your feedback! To explore the new plural editor, try searching for strings that include .match, which commonly contain plural forms. We’re especially interested in whether the new experience feels intuitive and “right”, and — most importantly — if you manage to break it.
New REST API Now Available
We’re excited to announce that Pontoon now offers a new REST API, built with Django REST Framework! This API is designed to provide a more reliable and consistent way to interact with Pontoon programmatically, and it’s already available for use.
You can explore the available endpoints and usage examples in the API README.
GraphQL API Scheduled for Deprecation
As part of this transition, we’ll be deprecating the Pontoon GraphQL API on November 5th, 2025. If you’re currently using the GraphQL API, we strongly encourage you to begin migrating to the new REST API, which will become the only supported interface going forward.
If you have any questions during the transition or run into issues, please don’t hesitate to open a discussion or file an issue. We’re here to help!
For the past few months, we’ve been talking about our roadmaps and development and answering community questions in a video and podcast series we call “State of the Thunder.” We’ve decided, after your feedback, to also cover them in a blog, for those who don’t have time to watch or listen to the entire session.
This session is focused on answering inquiries from the community, and we’ve got the questions and summaries of the answers (with helpful links to resources we mentioned)! This series runs every two weeks, and we’ll be creating blogs from here on in. If you have any questions you’d like answered, please feel free to include them in the comments!
Supporting and Sustaining FOSS Projects We Use
Question: As we move toward having more traditionally commercial offerings with services that are built on top of other projects, what is our plan in helping those projects’ maintenance (and financial) sustainability? If we find a good model, can we imagine extending it to our apps, too?
Answer: Right now, the only project we’re using to help build Thunderbird Pro is Stalwart, and we’ll have more details on how we’re using it soon. But we absolutely want to make sure the project gets financial support from us to support its sustainability and well-being. We want to play nice!
Appointment and Assist are from scratch, and Send is from old Firefox code, and so there isn’t another project to support with those. But to go back to a point Ryan Sipes has frequently made, while people can use all of these tools for free by self-hosting, they can subscribe as a way of both simplifying their usage and making sure these projects are supported for regular maintenance and a long life.
Future UI Settings Plans
Question: The interface is difficult to customize but more importantly is difficult to discover all the options available because they’re scattered around settings, account settings, top menu bar, context menus, etc. 140 Introduced the Appearance section in the settings, any plans to continue this effort with some more drastic restructuring of the UI?
Answer: Yes, we do have plans! We know the existing UI isn’t the most welcoming, since it is so powerful and we don’t want to overwhelm users with every option they can configure. We have a roadmap that’s almost ready to share that involves restructuring Account Settings. Right now, individual settings are very scattered, and we want to group things together into related sections that can all be changed at the same time. We want to simplify discoverability to make it easier to customize Thunderbird without digging into the config panel.
Account Setup and Manual Configuration
Question: Using manual configuration during email setup has become more difficult with time with the prioritization of email autoconfiguration.
Answer: Unfortunately, manual setup has confused a lot of casual users, which is why we’ve prioritized autodiscovery and autosetup. We’ve done a lot of exploration and testing with our Design team, and in turn they’ve done a lot of discussion and testing with our community. You can see some of these conversations in our UX mailing list. And even if you have to start the process, there is a link in it to edit the configuration manually. Ultimately, we have to have a balance between less technical and more technical users, and to be as usable and approachable as we can to the former.
Balancing Complexity and Simplicity
Question: Thunderbird is powerful with a lot of options but it should have more. Any plans to integrate ImportExportTools (and other add-ons) and add more functionalities?
Answer:Thunderbird’s Add-ons are often meant for users who like more complexity! When we tackle this question, there’s two issues that come to mind. First, several developers get financial support from their users, and we want to be mindful of that. Second is the eternal question of how many features are too many features? We already have this issue in feedback between “Thunderbird doesn’t have enough features” and “Thunderbird is too complicated!” Every feature we add gives us more technical debt. If we bring an add-on into core, we can support it for the long term.
We think this question may also come from the fact that Add-ons often “break” with each ESR release. But we’re trying to find ways to support developers to use the API to increase compatibility. We’re also considering how we can financially support Add-on developers to help them maintain their apps. Our core developers are pressed for time, and so we’re beyond grateful to the Add-on developers who can make Thunderbird stronger and more specialized than we could on our own!
Benefits of the New Monthly Release Channel
Question: Is the new Release channel with monthly versions working properly and bringing any benefits?
Answer: Yes, on both counts! Right now, we have 10 to 20 percent of Thunderbird desktop users on the Release channel. While we don’t have hard numbers for the benefits YET, we’d love to get some numbers on improvements in bug reactivity and other indicators. We noticed this year’s ESR had far fewer bugs, which probably owed to Release users testing new features. While we’ve always had Beta users, we have so many more people on Release. So if something went wrong, we could fix it, let it “ride the train,” and have the fix in the next version.
And our developers have stopped wondering when our features will make it to users! Things will be in users’ hands in a month, versus nearly a year for some features.
JMAP Support in Thunderbird
Question: Any plans on supporting JMAP?
Answer: 100% yes. Though JMAP is still something of a niche protocol, with doesn’t yet have widespread support from major providers. But now, with Thundermail we’ll be our own provider, and it will come with JMAP. Also, with the upcoming iOS app, it will be easy to add support for JMAP. First, we’re making the app from scratch so we have no technical debt. Second, we can do things properly from the start and be protocol agnostic.
Also, we’ve taken several lessons from our Exchange implementation, namely how to implement a new protocol properly. This will help us add support for JMAP faster.
Maintaining Backups in Thunderbird
Question: I have used Thunderbird since its first release and I always wondered how to properly and safely maintain backups of local emails. No matter how much I hate Outlook it offers built-in backup archives of .pst files that can be moved to other installations. The closest thing in Thunderbird is to copy the entire profile folder, but that comes with many more unpredictable outcomes.
I might be asking for something uncommon but I manage many projects with a very heavy communication flow between multiple clients, and when the project is completed I like to export the project folder with all the messages into a single PST file and create a couple of back-ups for safety, so no matter if my email server has problems, or the emails on my server and computer are accidentally deleted, I have that folder back-up as a single file which I can import into a new installation.
Answer: We’d love for anyone with this question to come talk to us about how to improve our Import/Export tools. Unfortunately, there’s no universal email archive format, and a major issue is that Outlook’s backup files are in a proprietary format. We’ve rebuilt the Import/Export UI and done a bit on the backend. Alas, this is all we’ve had time for.
So, if you’d like to help us tackle this problem, come chat with us! You can find us on Matrix and in the Developers and Planning mailing lists. We think there’s definitely room for a standard around email backups.
The choices governments make today, about who gets to build, access and benefit from AI, will shape economic competitiveness, national security and digital rights for decades.
A new report by UK think tank, Demos, supported by Mozilla, makes the case that if the UK wants to thrive in the AI era it must embrace openness. And while the report is tailored to the UK context, its implications reach far beyond Westminster.
Unlike the US or China, the UK and many other countries cannot outspend or outscale on AI, but they can out-collaborate. Demos’ report The Open Dividend: Building an AI openness strategy to unlock the UK’s AI potential, argues that making key AI resources – models, datasets, compute and safety tools, more openly accessible can spur innovation, lower the costs of AI adoption, enable safer and more transparent development, boost digital sovereignty and align AI more closely with public value. A recipe, if there ever was one, for ‘winning’ at AI.
The wider market certainly reflects these trends – the AI sector is shifting toward value accruing in smaller, specialised and more efficient models. Developments all spurred on by open source innovation. But this also means open models aren’t just more accessible and customisable, they’re becoming more capable too.
This echoes another recent study Mozilla supported, this time a survey of more than 700 businesses conducted by McKinsey. Among its top findings – 50% of respondents are already leveraging an open source solution across their stack. More than three-quarters reported that they intended to grow this usage. Most significantly, the first movers – organisations that see AI as vital to their future competitive advantage – are more than 40% more likely to use open source models and tools than respondents from other organisations. Similar research just published by the Linux Foundation has also found openness is fast becoming a competitive edge. Demos’s report expands upon these stats – strategically utilising openness in AI is not just about sharing code, it’s about shaping a more resilient and prosperous ecosystem.
The risks of centralisation are well known and global. We have seen it before with the development of the internet. If we let AI ecosystems become concentrated, so that all power remains in the hands of a few firms and their proprietary models, this will make it much harder to ensure AI serves people – rather than the other way around. It also raises more urgent concerns about market dominance, bias, surveillance, and national resilience.
If we want AI to serve humanity, we all have a stake in getting this right.
As the Demos report argues, openness isn’t just a value – it’s a strategy. We were proud to support the development of this timely report – read it here.
Thunderbird is (and has always been) powered by the people. The project exists because of the amazing community of passionate code contributors, bug-bashers, content creators, and all-around wonderful humans who have stood behind it and worked to support and maintain it over the years.
And as the Thunderbird community grows, we want to ensure that we [the team supporting you] grow alongside you, so that we can continue to collaborate and build effectively and efficiently together.
That’s why we’re thrilled to announce a refreshed and growing Thunderbird Community Team here at MZLA! Expect a little more structure, a lot more collaboration, and an open invitation to our users and contributors to join us and help shape what comes next.
Meet the Team
Whether you’re filing your first bug, searching for support, writing documentation, or just dropping into Matrix to say hi, this is the team working hard behind the scenes to make sure your experience is productive, constructive, and superconductive:
Michael Ellis | Manager of Community Programs
Hey there! I’m Michael, and I’m joining the Thunderbird family as Manager of Community Programs to help grow and support our awesome community. I’ll be working on programs that help improve contributor pathways and make it easier for more people to get involved in the work we do and the decisions we make on a day-to-day basis.
I come from a background of managing developer communities and running large-scale programs at organizations like Mozilla, Ionic, and NXP Semiconductors. I believe open-source communities are strongest when they’re welcoming, engaging, and well-supported. I like gifs and memes very much.
I look forward to seeing you in the Thunderbird community and saying hello to one another on Matrix!
Until then, Keep on Rocking the Free Web!
Wayne Mery | Senior Community Manager
Greetings everyone. Wayne here, also known as wsmwk. I have used open source for forty years, been a user of and contributor to Thunderbird for twenty years, and am a founding member of the Thunderbird Council, and have run several of the council elections.
I love to mentor and connect to our community members who assist Thunderbird users in Reddit, Connect, matrix (chat), bugzilla, github, topicbox forums, Thunderbird support in SUMO (SUpport MOzilla), and other venues. And I help manage these venues and assist users, to bring the concerns of the user community to developers. I also assist in developing content for users (including knowledge base articles in SUMO) and assist in our general communications with users.
There are many ways you can participate in small ways or large, including through praise or constructive feedback through the venues listed above and those listed on our participate web page – I encourage you to do so at your convenience. And I look forward to connecting with you soon.
I’ve been part of the Thunderbird family for nearly two years, working with the awesome Desktop team. Now, I’m thrilled to be joining the Community team, led by Michael, where I’ll be focusing on initiatives to support and grow our amazing contributor community.
If you’re interested in contributing or need help getting started, don’t hesitate to reach out to me on Matrix — I’d love to chat!
What’s the Road Ahead?
Community is at the heart of everything Thunderbird does. As our product continues to evolve and improve, we want our community experience to keep pace with that growth. This means not only working to keep Thunderbird open, but striving towards better contributor pathways, clearer communication, and more opportunities to participate.
We’re here to listen, collaborate, and help you succeed. You can expect to see more initiatives, experiments, and outreach from us soon, but you don’t have to wait till then to weigh in.
Have thoughts or suggestions? Drop a comment below to share them directly, or visit our Connect thread to see what others are saying and add your own ideas there. Together, we can help shape the future of the Thunderbird community and product.
After all, Thunderbird is powered by the people, & that includes you.
Welcome back to another edition of the Community Office Hours! This month, we’re taking a closer look at Thunderbird 140.0 ESR “Eclipse,” our latest Extended Support Release! Sr. Manager of Desktop Engineering Toby Pilling (who so helpfully provides the Thunderbird Monthly Development Digest) is walking us through the latest Thunderbird. He’ll let us know what’s in, what’s out, and why you should give the new monthly Release channel a try. We’re also introducing a new member of the Thunderbird Team, Manager of Community Programs Michael Ellis.
Michael (and the Thunderbird team!) are here to listen, collaborate, and help you succeed. You can expect to see more initiatives, experiments, and outreach from us soon, but you don’t have to wait till then to weigh in. Have thoughts or suggestions on how to improve the community? Drop a comment below to share them directly, or visit our Connect thread to see what others are saying and add your own ideas there. Together, we can help shape the future of the Thunderbird community and product.
Next month, we’ll be talking with Product Design Rebecca Taylor and Associate Designer Solange Valverde to talk about our team’s recent efforts to make Thunderbird more accessible. This not only involves seeing where we’re doing well, but finding where we’re falling short. It’s been a while since we’ve talked about Accessibility here, and we’re excited to continue the conversation. If you have questions about Accessibility in either the desktop or Android app you’d like us to ask our guests, please leave them as a comment below!
July Office Hours: Thunderbird 140.0 ESR “Eclipse”
As Toby shows us in his introduction, the major theme of Thunderbird 140.0 ESR “Eclipse” is stability. We took lessons from last year’s ESR, when we introduced code to 128.0 that was a little harder to test than expected given when it landed. We’re also waiting on some major changes in the works, namely the refreshed Calendar UI and the database backend rewrite. This was, every feature that made it to this year’s ESR was fully baked.
What’s In
And there’s a lot of features to discuss! Toby walks through what’s new in 140.0, starting with a trio of visual improvements. Thunderbird now adapts the message window to dark mode, and provides a toggle to switch dark mode off in case of styling issues. In the new Appearance Settings, users can globally take control of their message list, toggling between Cards and Table View, Threaded and Unthreaded, and Grouped by Sort across all their accounts. This feature also allows switching Cards View between a 2 and 3 row preview, and to propagate default sorting orders to all folders. Finally, a community-powered and staff-supported feature allows users to reorder user-created folders by manually dragging and dropping them.
140.0 ESR Also introduces the Account Hub, which we covered in a previous Office Hours! You’ll see this when you add a second account, and it will seamlessly walk you through setting up not only your email, but connected address books and calendars.
To help maximize your time and minimize your clicks, Thunderbird now uses Native Notifications for Linux, Mac, and Windows. While for now you can delete messages and mark them as read directly from notifications, we have more actions up our sleeve, coming soon to the monthly Release channel!
Finally, we close out our new features. Experimental Exchange Support, which can be enabled via preference, introduces native Exchange email support to desktop Thunderbird. Though for a fully supported experience, we encourage you to switch to the monthly Release channel, where more Exchange improvements are coming. Export for Mobile allows you to generate a QR code to import your account configurations and credentials into the Thunderbird Android app. And Horizontal Scroll for Table View allows you to scroll the message list horizontally and read complex tabular data more like a spreadsheet.
What’s Out
But for everything we put in to 140.0 ESR, we had to leave some things out. Experimental Exchange Support only includes email, not calendar or address books. We also don’t yet support Graph API. Additionally, 140.0 ESR doesn’t include a new UI for Tasks, Chat, or Settings. Account Hub won’t be enabled for first-time user experiences in ESR, though this will be coming to monthly Release, as will the new Account Hub for Address Books.
Try the Monthly Release Channel
While we’re excited and proud to introduce Thunderbird 140.0 ESR “Eclipse,” we also hope you’ll try out new monthly Release channel. Read more about it and learn how you can get new features faster in our announcement.
Watch, Read, and Get Involved
Thanks for reading, and as always, you can learn more by watching the video (with handy chapter markers, if you just want to hear about your favorite new feature) and reading the presentation slides. If you’re looking to get involved with the community, from QA to support to helping develop new features, check out our “Get Involved” page on our website. You can also check out the specific resources below! See you all next month.
Mozilla’s open letter to the UK’s Secretary of State for Business and Trade, the Secretary of State for Science, Innovation and Technology, and the CEO of the CMA
Rt Hon Peter Kyle MP, Department for Science, Innovation and Technology
Rt Hon Jonathan Reynolds MP, Department for Business and Trade
Sarah Cardell, Chief Executive Officer, Competition and Markets Authority
23 July 2025
Dear Secretaries of State and Chief Executive Officer,
At present a small handful of companies dominate our digital lives, limiting our experiences and stifling competition and innovation. Today’s provisional decisions from the Competition and Markets Authority (CMA) to designate Google and Apple as having “Strategic Market Status” in mobile ecosystems is a crucial step towards changing that: giving people genuine choice online and bringing renewed dynamism to the UK’s digital economy via the Digital Markets, Competition and Consumers Act (DMCCA).
Well-designed regulation like the DMCCA can be a boon to economic growth, lowering the barriers to entry and thus facilitating investment and innovation from both domestic and international companies and developers. We have experienced first hand the impact of ex ante competition regulation: since the obligations of the EU’s Digital Markets Act (DMA) came into force over a year ago Mozilla has seen iOS daily active users in the EU grow by 100% with extremely high rates of retention — evidence that when given real choice, people choose independent products like Firefox and they stick with them. Mozilla also saw a 20% increase in daily Firefox Android users, despite a more inconsistent rollout of browser choice screens.
Why This Matters: When Choice Disappears, Innovation Stalls
Challenging seemingly untouchable giants by offering choice and innovation is in Mozilla’s DNA. When Firefox 1.0 was introduced, it gave people tabbed browsing, pop-up blocking and speed that revolutionised their experiences online — all powered by Mozilla’s browser engine, Gecko.
Despite intense lobbying from the largest technology companies, Parliament acted with cross-party support in 2024 to promote digital competition by passing the DMCCA, recognising that it “stimulates innovation across the economy and helps to drive productivity growth, ultimately raising living standards.”
In the CMA, the UK has an expert regulator with specific market knowledge from investigations into mobile ecosystems and browser competition. It has a track record of unlocking innovation by opening markets, such as with open banking. Other jurisdictions are watching closely and can follow the UK’s successes.
We have already seen the impact the EU DMA can have for consumers. The DMCCA has the potential to be even more effective, giving the UK “second mover advantage” with flexible and targeted interventions. We are also now seeing other countries around the world look to follow the UK’s lead in passing new digital competition laws, while in the US there is a clamour from challenger firms and investors to introduce similar frameworks to level the playing field. As such, this is a chance for the UK to lead, delivering surgical remedies, ensuring real choice for consumers and demonstrating that a level playing field for businesses is possible.
A Shared Responsibility
We cannot simply rely on the goodwill of designated firms to deliver these benefits. The experience from the first year of the DMA suggests they will fight to make the DMCCA fail and use it as an example of why intervention does not work.
Without swift action, operating system providers will continue to entrench their positions and squeeze out alternatives. For UK businesses trying to break into digital markets, interventions must be both timely and effective.
As an organisation that exists to createan internet that is open and accessible to all, Mozilla has longsupported competitive digital markets. The DMCCA’s success is a shared responsibility: challenger companies, civil society, academics and researchers are playing their part. We ask that the CMA and the government seize this once-in-a-generation opportunity to deliver choice, competition and economic growth for UK consumers.
Yours sincerely,
Linda Griffin, VP Global Policy
Kush Amlani, Director, Global Competition & Regulation
Mozilla is the non-profit backed technology company that champions privacy, human dignity, and an open internet. Our mission is to ensure the internet is a global public resource, open and accessible to all.
After years in development, we will be releasing WebGPU on Windows in Firefox 141! WebGPU gives web content a modern interface to the user’s graphics processor, enabling high-performance computation and rendering. We’re excited about WebGPU because we believe it will raise the ceiling for games, visualization, and local computation on the web.
You can find a tutorial on WebGPU at webgpufundamentals.org, try out the WebGPU Samples, and read documentation for the API at MDN. WebGPU is defined in two W3C standards, WebGPU and WGSL, whose development Mozilla has participated in since it began in 2017.
WebGPU has been available in Google Chrome since 2023, and is expected to be available in Safari 26 this fall.
Although Firefox 141 enables WebGPU only on Windows, we plan to ship WebGPU on Mac and Linux in the coming months, and finally on Android. Windows was our first priority because that’s where the great majority of our users are, but we are looking forward to enabling it on the other platforms as soon as it is robust and our test coverage is adequate. (Your humble author is strictly a Linux user, so this concern is close to his heart.) Note that WebGPU has been available in Firefox Nightly on all platforms other than Android for quite some time.
Firefox’s WebGPU implementation is based on WGPU, a Rust crate that provides a unified, portable interface to the low-level graphics APIs of the underlying platform: Direct3D 12, Metal, and Vulkan. WGPU is developed as an independent open source project on GitHub, but Mozilla is a major contributor. WGPU is widely used outside Firefox, and has an active community, so if you are a Rust developer interested in contributing to Firefox’s WebGPU support, WGPU is a good place to start.
WebGPU is a large, complex API. We’ve focused our efforts so far on making high-visibility WebGPU applications and demos run smoothly, and we believe it should work well in Firefox 141 for many use cases. However, there is plenty of work remaining to be done to improve our performance and compliance with the specification. In particular:
Firefox uses unbuffered inter-process communication to convey web content’s requests to the GPU sandbox process, which introduces significant overhead. We addressed this in Bug 1968122, which improved performance significantly. The fix will appear in Firefox 142.
Firefox currently uses an interval timer to tell when the GPU has completed a task, adding significant latency to many applications where the task finishes quickly. There are better ways to do this, we are changing Firefox to use them. You can follow our progress in Bug 1870699.
Firefox does not yet support WebGPU’s importExternalTexture method, which lets the GPU read decompressed video content directly from the decoder. You can follow our progress in Bug 1827116.
Please give WebGPU a try in Firefox! If you encounter problems, please report them in the WebGPU component in Bugzilla. As always, provide us with as detailed instructions as you can to make the bug occur, and attach the contents of about:support to the bug so we can see what kind of system you are using.
It’s been a big project, but we’re done tinkering with the engine and taking test drives — we’re finally ready to roll WebGPU out of the garage and hand it over to you for daily use. We’re looking forward to seeing what you can do with WebGPU in Firefox!
Welcome back to another update on how things are going on mobile.
Thunderbird for iOS
We’ve been going back and forth between database and JMAP for Thunderbird for iOS. Most of the visible work has flown into creating an initial JMAP library that we can use to access the parts that we need from Thunderbird for iOS. This work will continue into July as well. Progress so far means making JSON requests and parsing responses and making standard get/set/query requests. There is support for working with sessions as well.
In July we’ll have a few things to show for viewing actual folders and email messages. Very preliminary, but already quite some progress! I’m almost tempted to post the screenshots now but I’ll wait until next month. We’ll also be releasing a new (currently still internal) Testflight version when everything has landed.
Thunderbird for Android
We want to make Thunderbird for Android more accessible to contributors and improve some of our documentation. Part of that is our brand new testing guide which talks about which testing patterns to use, how to adhere to our naming conventions and some guidelines around fakes vs mocks. We’ve recently been talking about making more use of the Maestro testing framework, as it makes it very simple to add tests even for folks without engineering experience.
Further we’ve made some strides on our overall architecture documentation. If you’ve been reluctant to contribute because of the learning curve, this might be your chance to make another attempt. Even if you are an existing contributor, we believe the docs will help you understand the codebase a bit better. Let us know what you think, if you see a way that our documentation can be improved go ahead and file an issue.
Next up, we’re nearing the end of the drawer updates we’ve been working on. We know a bunch of folks weren’t very happy with the navigation rail given the extra horizontal space it uses, and it being unclear which account you actually have selected. We’re returning the account selector to the top, and sporting a separate “Unified Account” where you can find not just your unified inbox, but also some other unified folders. If you’ve set up custom unified folders previously these will appear there as well.
Additional updates
Ashley has worked on sync debug tooling so we can get a better understanding of any issues related to emails not arriving in time.
Jan has switched the EHLO string from 127.0.0.1 to ehlo.thunderbird.net to increase compatibility with email servers that don’t accept 127.0.0.1.
João has improved accessibility of the contact pictures in the message view, and fixed an issue where the “Download Complete Message” button was hidden by the navigation bar.
Rafael has been working on the foundations of in-app error notifications. He improved swiping actions for when the account does not have an archive folder set, to avoid surprises. Through this work a bunch of files have been migrated from Java to Kotlin, great work!
Stefan has fixed an issue where some I/O errors were not correctly caught. I’m particularly excited about this since it smooths over the situation where you change from one network to the next, so that push email will arrive a little more reliably.
Wolf has revamped some of our internal logging support to be more consistent. We really don’t need multiple different loggers and might want to change the implementation once in a while There has also been a bunch of Java/Kotlin conversion going on, and some refactoring in the local search code. Above mentioned work on the drawer and documentation was also Wolf’s work.
Shamim continues to rock the refactoring. By far the most Java to Kotlin conversion, fixing a crash when adding an account after removal, making threaded view update correctly when in the message list. Notably, the [Gmail] folder placeholder is now no longer visible, you’ll see the subfolders directly.
— Philipp Kewisch (he/him) Thunderbird Mobile Engineering | Mozilla Thunderbird thunderbird.net
Hello once more from the Thunderbird development team! For many of our team members, the summer has started with our annual sprint to release ESR and enjoy a little time afk, as our colleagues in the southern hemisphere hunker down for winter and power through a pile of work down under.
Extended Support Release is alive!
For enterprise users (and those who have been using Thunderbird for a long time and found themselves on the Extended Support Release channel), the annual release “ESR 140 Eclipse” has made it to our update servers and will be pushed out over the next few weeks.
We had initially planned to release within hours or days of the Firefox ESR release, but much of the ESR build process has changed in the last 12 months (largely due to the Firefox mozilla-central Git migration) – so we ended up learning a lot and took pause to release at a time that produced the best experience for the majority of our users.
In the hours following the initial release, we have another build hot on its heels which includes some important patches and will ship today or tomorrow. Things move fast around here!
If waiting a year doesn’t sound appealing to you, our Monthly release may be better suited. It offers access to the latest features, improvements, and fixes as soon as they’re ready. Watch out for an in-app invitation to upgrade or install over ESR to retain your profile settings.
Exchange support in Daily
The EWS 0.2 milestone has been completed and the feature was turned on by default in Daily release to facilitate more manual QA testing. In order to provide test coverage on a variety of EWS server versions and configurations, we’re tackling in a few ways:
Adding a small number of Hosted Exchange 2016 mailboxes to facilitate testing of all existing functionality at endpoints other than O365.
Contacting enterprise partners who can help us test on their infrastructure – please get in touch if this might be you!
Hosting our own EWS instance that allows us to configure a variety of security and authentication settings to ensure our code works for all
Focusing on automated test coverage throughout the month of July
Since my last update, the team has grown even more and made great progress on items in our “Phase 2 operations” and “Phase 2 polish” milestones, with these features delivered recently:
EWS-to-EWS move & copy for items and folders
Authentication Error handling
Server Version handling
Threading support
Folder updates & deletions during sync operations
Folder cache cleanup
Folder copy/move
Bug fixes!
We plan to temporarily expand the team during July to include two more of our most experienced senior engineers to push this project over the finish line and tackle some remaining complexities:
The new email account feature was enabled as the default experience for users adding their second email account. It is now available in all release channels. We’re currently finalizing the UX and associated functionality that detects whether account autodiscovery requires a password, and reacts accordingly – which will hopefully be uplifted once stable.
We’re wrapping up the redesigned Account Hub UI for Address Book account additions this week, which we’ll enable for users on Daily and beta in the coming weeks. Look out for it in our Monthly release 142.
Global Message Database
Since the last update, we’ve landed a landslide of patches. Critical refactoring continues to clean and optimize the code, in many cases clearing the way for new beneficial protocol implementations.
To follow their progress, take a look at the meta bug dependency tree. The team also maintains documentation in Sourcedocs which are visible here.
Recent Features and Fixes
A number of other features and fixes have reached our Daily users this month. We want to give special thanks to the contributors who made the following possible…
If you would like to see new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
It’s been a long overdue since our last update. Previously, we shared these recaps on a quarterly basis, but this time, we’re trying out a slightly new format and cadence to keep things fresh and more in tune with what’s happening across the community.
In this post, we also include a broader set of data to give a clearer picture of how the community performed in H1 2025. We hope it helps highlight both what’s working well and where we have room for improvements.
Without further ado, let’s dive in!
Highlights
We started the year strong with the Firefox Address Bar Test Day Event in January 2025, which was a great success. By the end of the campaign, 40% of the average Daily Active Users who tried the feature completed the survey, which is an impressive response rate. The feedback collected gave the product team valuable insights to help refine the feature ahead of a broader launch.
In early February, a few of us were headed to Brussels for FOSDEM 2025. It was truly wonderful to finally be able to connect face to face again.
In May 2025, we made the difficult decision to shut down the Social Support and Mobile Store Support to focus more on the Community Forums. This wasn’t a decision made lightly. We deeply appreciate the incredible dedication, time, and care that so many of you have invested in these programs over the years. We’re truly grateful for everything you’ve done to support users and represent Mozilla in these spaces that have made users feel heard, supported, and connected to our mission.
We released the automatic spam moderation and topic classification to reduce moderation workload in early June. Posts that are clearly spam are now automatically marked as spam. By the end of June, we found that 87.85% of questions marked as spam automatically by this automation. This has significantly reduced the moderation workload previously handled by forum moderators, support agents, and CMs. We also noticed that the average spam rate per ISO week has increased to 40% in June (compared to 19% in the previous period), which may suggest that spam was previously under-reported. Huge kudos to the team who worked on this project. We can’t wait to learn more about what else we can do with this technology.
Mozilla’s staff in the Customer Experience (CX) team went through several structural changes this year, with the departure of several members. Make sure to check out the Meet the Team page to see the most up-to-date team structure.
Community stats
Knowledge Base
In the Knowledge Base (KB) space, we saw a moderate increase in activity, with total revisions up by almost 5% and total articles growing by around 14%. Notably, the number of contributors rose to 105 (+14%), and reviewer participation increase
In article localization, overall activity slightly declined, with total non-en-US revisions down 10.5%, and article count down 4.4%. Despite this, the number of authors and reviewers increased by 4.2% and 8%, respectively, showing sustained contributor engagement. Review efficiency notably improved, with average review time down by 41.6%.
Forum support activity saw a significant uptick, with valid questions rising 24.4% and contributor participation jumping 50%. However, challenges remain: the solve rate dropped by 20.8%, and OP reply rate fell by 24.1%, which may indicate reduced follow-up from users. The spam rate spiked to 23.76%, but reply rates improved slightly, and the average time to first reply dropped by 22.5%.
Participate in ongoing discussions on the Contributor Forum to catch up on the latest updates and share your input.
Drop by our Matrix channel for more casual chats with fellow contributors.
Attend Our Monthly Community Call
Every month, we host a community call to share updates about Firefox and community activities. Watch past recordings from 2025!
Don’t hesitate to join the call in person if you can. We try our best to provide a safe space for everyone to contribute. Don’t feel pressured to turn on your camera or speak if you’re not comfortable. You can also:
Submit your questions ahead of time via the Contributor Forum or Matrix
Lurk silently and absorb the updates—your presence is still valued!
Stay Informed
Follow the SUMO Blog for the latest community news and updates.
The wait is over! Thunderbird 140 “Eclipse” has reached totality. From all of us at the Thunderbird project, from MZLA staff and the Thunderbird Council to our global community of contributors, we’re excited to announce the latest Extended Support Release has arrived.
Eclipse not only builds on Thunderbird 128 “Nebula,” but also the recent features and improvements from the Monthly Release channel. This latest release transforms your email experience with adaptive dark messaging and improved visual controls. Enhanced features keep everyday email tasks light and effortless, while the streamlined new Account Hub ensures adding new accounts is a snap.
Dark Message Mode
Thunderbird’s Dark Mode now automatically adapts your messages when enabled, to ensure your Dark Mode experience stays totally dark. Need to bring your messages back into the light in case of visual problems? Adjust your message view as needed with a quick optional toggle.
Appearance Settings
Make Thunderbird yours across all your folders and accounts with a single click in the Settings (panel). Change your message list layout between Cards and Table view, adjust your Cards View, and set your default sorting order and threading options with ease.
Native OS Notifications
Leverage the speed and ease of your Operating System’s built-in notifications, whether you’re on Windows, Linux, or Mac. Quickly delete, archive, or use customizable actions directly from your notifications and get more done with your day.
Account Hub
Adding a new account to Thunderbird is now easier than ever. Connect all of your emails, address books and calendars in a few easy steps.
Manual Folder Sorting
Don’t like the order for your custom folders? Just click and drag to arrange them exactly how you want.
Don’t like the order for your custom folders? Just click and drag to arrange them exactly how you want.
More Refinements & Updates
Experimental Exchange Support Natively set up a Microsoft Exchange account in Thunderbird by enabling a preference.
Export for Mobile Generate a QR code to quickly transfer your account settings and credentials to your Thunderbird for Android app.
Horizontal Scroll for Table View Lots of tabular data? Let the message list scroll horizontally, like a spreadsheet or file manager.
Bug Fixes and Improvements
Thousands of bug fixes and performance improvements to bring you the smooth, reliable Thunderbird experience you expect.
Looking Forward
Whether you’re waiting for the next Thunderbird ESR or total solar eclipse, we understand that sometimes you want new features, or that cosmic awe, sooner. While we can’t change the universe, you can now get the latest Thunderbird features as they land, instead of once a year. Switch to Thunderbird Release and enjoy monthly updates with the same dependable stability.
Thunderbird 140 Availability For Windows, Linux, and MacOS
Even with QA and beta testing, any major software release may have issues exposed after significant public testing. That’s why we are slowly enabling automatic updates until we’re confident no such issues exist. We do have a known issue where users sending mail through 32bit MAPI will be prompted for a password, unless they use the compose window.
We have enabled manual upgrade to 140 via Help > About, and you can upgrade now or wait to receive automatic updates. Thunderbird version 140.0 is also offered as direct download from thunderbird.net. Be sure to select ‘Thunderbird Extended Support Release’ in the ‘Release Channel’ drop-down menu.
For Linux users running Thunderbird from the snap or flatpak, 140 will be available within the next few weeks. Likewise, Thunderbird 140 will also arrive on the Windows store by mid-July.
Something we’ve long known at Mozilla is that our localization community thrives on personal connections. For years, regional meetups brought volunteers and staff together multiple times a year — forging friendships, sharing knowledge, and collectively advancing the mission of a multilingual, open internet.
After a five-year pause, we’re thrilled to share that in June 2025, we re-ignited that tradition with a pilot localization meetup at the Mozilla Berlin office; it was everything we hoped for, and more.
A Weekend of Community, Collaboration, and Fresh Energy
Fourteen volunteers from 11 different locales gathered for a weekend full of shared ideas, meaningful conversations, and collaborative problem-solving. For many, it was their first time meeting fellow contributors in person, people they’d worked with for years, but only ever known through usernames and chat windows. For others, it was a long-awaited reunion, finally bringing back to life connections that had existed solely online since the last wave of community meetups.
“We now feel more connected and will work together more closely,” shared one participant, reflecting on the emotional impact of finally connecting face-to-face.
Throughout the weekend, we dove into topics ranging from community building to localization tooling. Some standout moments included:
Candid discussions about what it means to lead within a localization community, the challenges of maintaining momentum, and what kind of support really makes a difference.
David’s lightning talk on the Sicilian language and community, which sparked conversations about linguistic diversity and revitalizing regional languages through digitalization.
Collaborative Pontoon brainstorming session, where localizers took the lead in proposing enhancements, suggesting new features, and sharing pain points — and some even supporting each other with development setup and hands-on exploration.
And of course, there was time for laughter, great food, and spontaneous late-night ideas that could only come from being in the same room together.
As one localizer put it: “The event gave me fresh energy and ideas to contribute more actively to Mozilla.”
Behind the Scenes
Organizing this meetup — especially after a multi-year hiatus — was a complex endeavor. Though we were eager to bring people together in the first half of the year, it took nearly nine months of planning. In the end, only two weekends aligned with enough staff availability to make the event possible.
To keep things focused and manageable for a pilot, we made a few strategic decisions:
Location: with a local staff member on the ground and access to Mozilla’s Berlin office, we could streamline logistics — from restaurant bookings and lunch deliveries to helping attendees navigate international travel with clear guidance and local support.
Participant selection: we prioritized inviting contributors who were highly active in Pontoon, and whose travel would be cost-effective and visa-free. This helped reduce uncertainty and made the event more accessible.
Budget-aware planning: we extended invitations to 34 community members and received interest from 27. Due to scheduling overlaps, 14 were ultimately able to attend.
Why This Matters
Events like this don’t just strengthen Mozilla’s localization work, they strengthen Mozilla as a whole. Contributors left Berlin feeling recognized, energized, and motivated, and organizers left with a renewed sense of purpose and clarity about how vital it is to invest in human connection.
It also gave us space to hear directly from contributors — not in surveys or chat threads, but in real time, with nuance and context. Those conversations helped surface both immediate ideas for improvement and deeper questions about what sustainable, meaningful participation looks like in today’s Mozilla. It was a reminder that strong localization doesn’t just come from good tools and processes, but from mutual trust, shared ownership, and space to collaborate openly.
Looking Ahead
We’re now regrouping to reflect on lessons learned and to explore if it’s possible to scale these meetups going forward. That means thinking carefully about aspects like:
How do we support communities in regions where Mozilla has no local staff?
How do we navigate unknowns, like visa requirements, more complex traveling logistics, etc.?
How do we sustainably host more meetups per year and ensure they’re just as impactful?
One thing is certain: this pilot proved once again the value of in-person community building. It re-affirmed something our community has said all along — that being together matters.
We’re incredibly grateful to everyone who participated, and we’re excited about the possibilities ahead. Whether you’re a seasoned localizer or just getting started, we hope this story inspires you. Your contributions make Mozilla possible and we truly hope we can celebrate that together, in more places around the world.
POST UPDATED: 4 August, 2025 — Updated policies for addons.mozilla.org (AMO) are now in effect. We also added a new section about implicit consent for self-evident, single-use data transmission.
Here’s a summary of the policy changes and their impact on AMO’s publishing process. Our main objective was to simplify and clarify Add-on policies for the developer community. The following policy updates will take effect on 4 August, 2025.
“Closed group” prohibition lifted
Closed group extensions are typically intended for internal or private use among a relatively small group of users. In the past AMO did not allow closed group extensions, but we’re lifting this prohibition to give developers more flexibility to publish restricted access extensions for any number of reasons.
Implicit consent for self-evident, single-use extensions
We’ve added new guidelines around implicit consent for single-use extensions in cases where using the feature obviously requires data transmission (must be apparent to users from the extension description/name and UI). Examples might include image search extensions, cloud-based language or grammar tools, file uploaders, etc. For these single-use, self-evident features, data consent is implied and developers are not required to ask for explicit consent. This policy addition furthers our efforts to streamline the developer experience.
Data consent and control terminology
We’ve updated terminology in an effort to clarify our policies related to user data consent and control.
A core aspect of our data policy is we only permit extensions to transmit data that’s necessary for functionality (and even so users must consent to data transmission). Prior policy language often intermingled the terms collection and transmission of data. This was often confusing for developers who naturally assumed these were two separate aspects of handling data. But in fact we are only concerned with the transmission of data outside of an extension or browser. Thus we’ve removed all references to the collection of user data and framed all data concerns around transmission.
Privacy policy not required to be hosted on AMO
In effort to reduce developer overhead and publishing friction, we are no longer requiring extensions to host privacy policies on AMO. Rather, we encourage developers to link to self-hosted privacy policies. Removing this requirement will allow developers to more easily update their privacy policies without necessitating the submission of an entirely new extension version on AMO.
Data collection transparency is of paramount importance to Firefox users. We’re also working on other changes that will make it easier for developers to select the types of data their extension requires, which will in turn provide enhanced data collection clarity for users.
User scripts API policy added
A user script manager is a type of extension that allows users to inject custom, website-specific scripts that alter a site’s appearance or behavior. These extensions leverage the userScripts API, which our policies now clarify may only be used by user script manager extensions. The userScript API may not be used to extend or modify the functionality of the script manager itself.
Source code submission guidelines
It has been a longtime AMO policy that all extension submissions must provide reviewable source code, regardless if it’s transpiled, minified, or otherwise machine generated. We’ve now amended our policy to more specifically stipulate that all dependencies must either be included in the source code package directly or downloaded only through the respective official package managers during the build process.
Taken together, we hope these policy refinements will make developing Firefox extensions a more straightforward and streamlined process. Let us hear your thoughts in the comments. Happy coding!
We’re growing a few more stars! We’re so happy to hear there is great interest in Thunderbird for iOS, and hope to reach a stage soon where you all can be more involved. Thank you, also, to those of you who’ve submitted an increasing number of ideas via Mozilla Connect.
Todd has been preparing the JMAP implementation for iOS, which will allow us to test the app with real data. We’re exploring the possibility of releasing the first community TestFlight a bit earlier by working directly with in-memory live data instead of syncing everything to a database upfront. The app may crash if your inbox has 30GB of email, but this approach should help us iterate more quickly. We still believe offline-first is the right path, and designing a database that supports this will follow soon after.
Further we’ve set up the initial localization infrastructure. This was surprisingly easy using Weblate’s translation propagation feature. We simply needed to add a new component to our Android localization project that pulls from the iOS repository. While Weblate doesn’t (yet?) auto-propagate when the component is set up, if there are changes across iOS and Android in the future, the strings will automatically apply to both products.
Thunderbird for Android
We spent a lot of time thinking about the beta and making adjustments. Fast forward to June, we’re still experiencing a number of crashes. If you are running the beta, please report crashes and try to find out how to trigger them. If you are not using Beta, please give it a try and report back on the beta list or issue tracker. We’d greatly appreciate it! Here are a few updates worth noting for the month of May:
Some folks on beta may have noticed the “recipient field contains incomplete input” error which kept you from sending emails. We’ve noticed as well, and halted the rollout of 11.0b1 on app stores where supported. Shamim fixed this issue for 11.0b2.
Another important issue was when attaching multiple issues, only one image would be attached. This happens all the way back to 10.0, and we’ll release a 10.1 that includes this fix. Again thank you to Shamim!
Final round of fixes from Shamim: new mail notifications can be disabled again, we have a bunch of new tests and refactoring, we have a few new UI types for the new preference system that Wolf created.
Timur Erofeev solved a crash on Android 7 due to some library changes in dependency updates we didn’t anticipate
Wolf is getting closer to finishing the drawer updates that we’re excited to share in a beta soon. He has also been working diligently to remove some of the crashes we’ve been experiencing on beta due to the new drawer and some of the legacy code it needs to fall back to. Finally, as we’re venturing into Thunderbird for iOS, Wolf has been thinking about the KMP (Kotlin Multiplatform) approach and added support to the Thunderbird for Android repository. He will soon separate a simple component and set things up so we can re-use it from Thunderbird for iOS.
Rafael and Marcos have fixed some issues with the system bar appearing transparent. The issue has been very persistent, we’re still getting reports of cases where this isn’t yet resolved.
Philipp has fixed an issue for our release automation to make sure the changelog doesn’t break on HTML entities.
I also wanted to highlight the new Git Commit Guide that Wolf created to give us a little more stability in our commits and set expectations for pull requests. We have a few more docs coming up in June, stay tuned.
You could be on this list next month, please get in touch if you’d like to help out!
— Philipp Kewisch (he/him) Thunderbird Mobile Engineering | Mozilla Thunderbird
We’ve all been there — one minute you’re checking work emails, the next you’re deep into vacation planning, and the next thing you know all of your content is a jumbled mess. Firefox users needed an easy way to keep different online lives separate — work, personal, school, or shopping — without juggling multiple browsers.
While other browsers offer multi-profile support, they lack privacy-first management and quick profile switching. We saw an opportunity to do it better — to give users more control, with fewer headaches.
With hundreds of votes on Mozilla Connect, demand for direct taskbar access to profiles was clear. So, we got to work.
Building profiles
From day one, UX and content design collaborated on every step of the process, ensuring a cohesive experience based on a shared understanding of user needs.
Phase 01: research & early ideas
Before designing anything, we:
Studied competitors to find what worked (and what didn’t).
Mapped out user journeys to understand pain points.
Sketched early ideas — low-fidelity wireframes — to get quick team feedback.
Defined how profiles fit into the Firefox ecosystem.
Phase 02: test, iterate, repeat
We tested profiles at every stage, using:
Moderated & unmoderated user tests (UserTesting.com) We asked real people to try early versions of the feature and share their thoughts. Sometimes a moderator guided them through tasks and asked follow-up questions (moderated), and other times they completed tasks on their own while we watched recordings later (unmoderated). This helped us understand where users got stuck or confused.
Key learnings: Positive: Users found the profile creation process simple and intuitive, and appreciated the instant visual feedback like color and icon changes — confirming this flow was working well as designed.
Constructive: Some users had trouble finding where to access profiles within the browser, often looking for them in the account section, suggesting the need for clearer entry points and distinctions in the UI.
Accessibility-focused testing (Fable, DisCoTec) We partnered with people who use assistive technologies like screen readers or keyboard-only navigation to test the feature. Their feedback helped us make sure profiles would be easy to use for everyone, including users with disabilities.
Key learnings: Positive: The profiles feature was well-received by participants using assistive technologies. The setup process was described as “pretty easy,” and users appreciated the immediate feedback when choosing themes or avatars. One participant noted, “I like to have all profiles significantly different colors so it’s easy for me to recognize I’m in the right profile without zooming in.”
Constructive: Some users had trouble locating profiles in the menu or understanding what elements were clickable, especially with screen readers. One participant commented, “Alt+P didn’t take me to the profiles part of the app menu as expected — it should be a shortcut.”
Live prototype reviews with Firefox teams We regularly showed early interactive versions of the feature, also known as prototypes, to different Firefox teams. This let us gather fast, internal feedback and make improvements before we committed to building anything fully.
Key learnings: Positive: Stakeholders responded positively to the decision to launch each profile in its own window with a separate taskbar icon. This was seen as a clear differentiator from other browsers and aligned with Firefox’s goals around user control and simplicity.
Constructive: Stakeholders identified the lack of a profiles entry point in the account avatar as a key discoverability issue. While this was initially excluded from the MVP to reduce complexity, there was an alignment that it should be prioritized as part of the initial roll out.
Phase 03: refining the experience
Every iteration made profiles simpler, more accessible, and easier to use. To keep everyone aligned, we took our work company-wide by:
Maintaining the smaller cross functional team well informed during weekly syncs.
Creating walkthrough videos for a wide range of feedback and perspectives.
Sharing during UX leadership reviews
Working closely with the design systems team to ensure that the UI was not only accessible and intuitive, but also fit well within the wider Firefox ecosystem.
Collaborating with the accessibility team to create an easy handoff for engineers to build a delightfully accessible product.
Phase 04: measuring success with telemetry
A great feature isn’t complete without the right data to evaluate impact and guide business decisions. At Firefox, we believe in collecting only what’s necessary. That’s why we follow lean data practices, minimizing what we track and always keeping it anonymous. This ensures we respect user privacy while answering key product and business questions.
We led a two-part telemetry workshop to make sure:
Every button and link was trackable (all this data is of course anonymous).
We could measure adoption, switching behavior, and engagement.
These valuable insights will help us improve profiles post-launch.
Phase 05: bringing profiles to life
To ensure a smooth handoff to engineering, we provided:
Detailed documentation for all screens and components.
Accessibility annotations for keyboard navigation, focus order, and high-contrast mode.
Comprehensive user flows covering onboarding, profile creation, switching, and deletion.
Some examples of our final screens:
Unique avatars and themes help users instantly recognize each profile.
A startup profile picker makes choosing and managing profiles a breeze.
Easily access and switch between profiles from your dock or taskbar
What’s next?
Profiles are currently rolled out to a small percentage of Firefox users, and early telemetry shows strong engagement. We’re seeing meaningful adoption, encouraging retention signals, and higher engagement across key behaviors like search and customization. Many users are also making use of cross-profile switching, indicating that the feature is resonating with both casual and power users.
This project proved that when UX leads from the start, we build better, more user-friendly features.
The SeaMonkey Project is pleased to announce the immediate release of SeaMonkey 2.53.21. There are a few security updates and …
*What? Um.. No, I didn’t see it. I did look at the website patch… Yes, it’s the same as reading the release notes. It clearly states that it’s a point release and it’s a security patch… Anyway…. *
Please check out [1] and/or…
*What now? Look, I’ve been doing and/or for some time… What do you mean exclusive or? Ok.. this time, you make sense.*
Please do check out [1] and [2].
:ewong
PS: Did I mention the Updates will be forthcoming…? Yes, the updates will be forthcoming…if it hasn’t already been done already when you read this.
PPS: Yes, trying to jazz things up… think of this post being Rik Mayall’d. (RIP). The People’s Poet…
It’s been just over two months (!) since we first announced our upcoming Thunderbird Pro suite and Thundermail email service. We thought it would be a great idea to bring in Chris Aquino, a Software Engineer on our Services team, to chat about these upcoming products. We want our community to get to know the newest members of the Thunderbird family even before they hatch!
We’ll be back later this summer after our upcoming Extended Support Release, Thunderbird 140.0, is out! Members of our desktop team will be here to talk about the newest features. Of course, if you’d like to try the newest features a little sooner, we encourage you to try the monthly Release channel. Just be sure to check if your Add-ons are compatible first!
May Office Hours: Thunderbird Pro and Thundermail
Chris has been a part of the Thunderbird Pro products since we first started developing them. So not only is he a great colleague, he’s an ideal guest to help tell the story about this upcoming chapter in the Thunderbird story. Chris starts with an overview for each product that covers the features we have planned for each of our Thunderbird Pro products and Thundermail. We know how curious our community is about these products, and so our hosts have lots of questions for each product, and Chris is more than up to the challenge in answering them. We also make sure to point out how to get involved with trying, testing, and helping us improve these products by linking you to our repositories.
Watch, Read, and Get Involved
The entire interview with Chris is below, on YouTube and Peertube. There’s a lot of references in the interview, which we’ve handily provided below. We hope you’re enjoying these looks into what we’re doing at Thunderbird as much as we’re enjoying making them, and we’ll see you soon!
We also know some of you might only be interested in a single product, and so we’ve also made separate videos for each product!
According to the FBI’s 2024 Internet Crime Report, crypto-related scams accounted for nearly $16.6 billion in victim losses last year across the globe ($9.3 billion in the United States alone — a 66% increase from 2023). Crypto thieves employ a variety of tactics to defraud people, but a certain type, known as a crypto wallet drainer, is proliferating and one of the ways scammers find new victims is through malicious browser extensions.
A crypto wallet drainer is basically any type of fraudulent method that gives bad actors unauthorized access to a user’s crypto wallet. In the case of browser extensions, we find malicious extensions masquerading as legitimate extensions from trusted, known crypto wallets. Unfortunately for users who install a scam crypto wallet extension and input their private keys and credentials, the effects are often immediate and devastating. The funds quickly vanish and they’re virtually impossible to recover.
The FBI’s Internet Crime Complaint Center receives an average of 836,000 complaints per year comprising all manner of online scams. (Source: 2024 FBI Crime Report)
According to Add-ons Operations Manager Andreas Wagner, who leads content security and review efforts, AMO (addons.mozilla.org) has uncovered “hundreds” of scam crypto wallets over the past few years. “It’s a constant cat and mouse game,” Wagner explains, as “developers try to work around our detection methods.”
To help protect Firefox users, the Add-ons Operations team developed an early detection system designed to identify and stop crypto scam extensions before they find traction with unsuspecting users. The first layer of defense involves automated indicators that determine a risk profile for wallet extensions submitted to AMO. If a wallet extension reaches a certain risk threshold, human reviewers are alerted to take a deeper look. If found to be malicious, the scam extensions are blocked immediately.
While add-on reviewers are doing everything they can to find and snuff out crypto wallet scams before they can do harm, there are things users should be aware of as well to help protect themselves. “Check your crypto wallet’s website to see if they have an official extension, and only use the one they link to,” advises Wagner, while adding you might also consider reaching out directly to your crypto wallet service to confirm you’re selecting a legitimate extension. You can never be overly cautious when it comes to protecting your digital assets. There are too many disastrous tales out there.
After much thoughtful consideration and evaluation, we’ve made the difficult decision to officially decommission the Social Support and Mobile Store Support programs. This wasn’t a decision made lightly. We recognize the immense dedication, time, and care, that so many of you have poured into these programs over the years. We’re truly grateful for everything you’ve done to support users and represent Mozilla in these spaces that have made users feel heard, supported, and connected to our mission.
The primary reason behind this decision is our team’s choice to discontinue activity on the X platform (formerly known as Twitter). While we value the interaction and connections we’ve had on this channel in the past, the social media landscape has evolved, and we’ve seen a steady decline in the impact of our interactions in this channel.
While we are stepping back from the platform, we have intentionally chosen to maintain ownership of our existing accounts (including @FirefoSupport and @SUMO_Mozilla). This allows us to protect our identity, prevent impersonation and maintain a minimal presence in case an emergency situation arises.
This change also reflects a shift in our overall support strategy, as we’ll be focusing our limited resources on the Mozilla Support Community Forums as our primary support channel. Over the past year, we’ve seen a notable increase in forum activity, but our ability to respond hasn’t been able to keep up with the volume. For comparison, our Q1 2025 total volume increased for almost 120% (exclude those that marked as spam) compared to the same period last year. There’s a growing need and clear opportunity for us to do more here, and your continued involvement will be more valuable than ever.
Although these programs are winding down, the impact you’ve had has been meaningful and deeply appreciated. And to honor your contributions, we’ve issued a set of special SUMO badges to recognize those of you who supported these efforts over the years.
Due to the limited data retention policy from the third-party tool that we’re using, we were only able to retrieve contributor data going back to 2023. Based on this, we’ve issued a total of seven badges:
Top 3 Contributors for Social Support (2023, 2024, and 2025)
Top 3 Contributors for Mobile Store Support (2023, 2024, and 2025)
An Honorary Badge for everyone who made a significant contribution to these programs
Thank you for your passion, commitment, and dedication to these programs throughout the years. Many of you have made a real difference for countless Firefox users around the world. This is a moment to reflect and be proud of everything we’ve done together.
To read our FAQ related to this decision, feel free to check out this Community Discussion thread. If you have additional questions or concerns, you can also share on the same thread.
Since Bug 1896609 landed we now have Glean & Firefox on Glean (FOG) memory reporting built into the Firefox Memory Reporter. This allows us to measure the allocated memory in use by Glean and FOG. It currently covers memory allocated by the C++ module of FOG and all instantiated Glean metrics. It does not yet measure the memory used by Glean and its database.
How it works
Firefox has a built-in memory usage reporter, available as about:memory. Components of Firefox can expose their own memory usage by implementing the nsIMemoryReporter interface. FOG implements this interface and delegates the measurement to the firefox-on-glean Rust component.
firefox-on-glean then collects the memory usage of objects under its own control: all user-defined and runtime-instantiated metrics, additional hashmaps used to track metrics & all user-defined and runtime-instantiated pings. It will soon also collect the memory size of the global Glean object, and thus the memory used for built-in metrics as well as the in-memory database.
Memory measurement works by following all heap-allocated pointers, asking the allocator for the memory size of each and summing everything up. Because we do most of this measurement in Rust we use the existing wr_malloc_size_of crate, which already implements the correct measurement for most Rust libstd types as well as some additional library-provided types. Our own types implement the required trait using malloc_size_of_derive for automatically deriving the trait, or manual implementations.
How it looks
The memory measurement is built into Firefox and works in every shipped build. Open up about:memory in a running Firefox, click the “Measure” button and wait for the measurement. Once all data is collected it will show a long tree of measured allocations across all processes. Type fog into the filter box on the right to trim it down to only allocations from the fog component. The exact numbers differ between runs and operating systems.
You will see a view similar to this:
about:memory on a freshly launched developer build of Firefox. fog reports 0.35 MB of allocated memory in the main process.
After opening a few tabs and browsing the web a new measurement on about:memory will show a different number, as Glean is instantiating more metrics and therefore allocating more memory. This number will grow as more metrics are instantiated and kept in memory.
This currently does not show the allocations from the global Glean object and its in-memory database. In the future we will be able to measure those allocations as well. In a prototype locally this already works as expected: As more data is recorded and stored the allocated memory grows. Once a ping is assembled, submitted and sent the allocations will be freed and about:memory will report less memory allocated again.
In this month’s Community Office Hours, we’re chatting with our director Ryan Sipes. This talk opens with a brief history of Thunderbird and ends on our plans for its future. In between, we explain more about MZLA and its structure, and how this compares to the Mozilla Foundation and Corporation. We’ll also cover the new Thunderbird Pro and Thundermail announcement And we talk about how Thunderbird put the fun in fundraising!
And if you’d like to know even more about Pro, next month we’ll be chatting with Services Software Engineer Chris Aquino about our upcoming products. Chris, who most recently has been working on Assist, is both incredibly knowledgeable and a great person to chat with. We think you’ll enjoythe upcoming Community Office Hours as much as we do.
April Office Hours: Thunderbird and MZLA
The beginning is always a very good place to start. We always love hearing Ryan recount Thunderbird’s history, and we hope you do as well. As one of the key figures in bringing Thunderbird back from the ashes, Ryan is ideal to discuss how Thunderbird landed at MZLA, its new home since 2020. We also appreciate his perspective on our relationship to (and how we differ from) the Mozilla Foundation and Corporation. And as Thunderbird’s community governance model is both one of its biggest strengths and a significant part of its comeback, Ryan has some valuable insights on our working relationship.
Thunderbird’s future, however, is just as exciting a story as how we got here. Ryan gives us a unique look into some of our recent moves, from the decision to develop mobile apps to the recent move into our own email service, Thundermail, and the Thunderbird Pro suite of productivity apps. From barely surviving, we’re glad to see all the ways in which Thunderbird and its community are thriving.
Watch, Read, and Get Involved
The entire interview with Ryan is below, on YouTube and Peertube. There’s a lot of references in the interview, which we’ve handily provided below. We hope you’re enjoying these looks into what we’re doing at Thunderbird as much as we’re enjoying making them, and we’ll see you next month!
I’m so excited to share that Flavius Floare joined our team recently as a Technical Writer. He’s working alongside with Dayani to handle the Knowledge Base articles. Here’s a bit more from Flavius himself:
Hi, everyone. My name is Flavius, and I’m joining the SUMO team as the new Technical Writer. I’m really excited to be here and look forward to collaborating with you. My goal is to be as helpful as possible, so feel free to reach out to me with suggestions or feedback.
Please join me to welcome Flavius into the team. He will also join our community call this week, so please make sure to join us tomorrow to say hi to him!
At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature release management and security engineering practices. These practices combined with well-trained and talented Firefox teams are also the reason why we respond to security bugs as quickly as we do. This week at the security hacking competition pwn2own, security researchers demonstrated two new content-process exploits against Firefox. Neither of the attacks managed to break out of our sandbox, which is required to gain control over the user’s system.
Out of abundance of caution, we just released new Firefox versions in response to these attacks – all within the same day of the second exploit announcement. The updated versions are Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1 and Firefox for Android. Despite the limited impact of these attacks, all users and administrators are advised to update Firefox as soon as possible.
Pwn2Own is an annual computer hacking contest where participants aim to find security vulnerabilities in major software such as browsers. This year, the event was held in Berlin, Germany, and a lot of popular software was listed as potential targets for security research. As part of the event preparation, we were informed that Firefox was also listed as a target. But it took until the day before the event when we learned that not just one but two groups signed up to demonstrate their work.
Typically, people attacking a browser require a multi-step exploit. At first, they need to compromise the web browser tab to gain limited control of the user’s system. But due to Firefox’s robust security architecture, another bug (a sandbox escape) is required to break out of the current tab and gain wider system access. Unlike prior years, neither participating group was able to escape our sandbox this year. We have verbal confirmation that this is attributed to the recent architectural improvements to our Firefox sandbox which have neutered a wide range of such attacks. This continues to build confidence in Firefox’s strong security posture.
To review and fix the reported exploits a diverse team of people from all across the world and in various roles (engineering, QA, release management, security and many more) rushed to work. We tested and released a new version of Firefox for all of our supported platforms, operating systems, and configurations with rapid speed.
Our work does not end here. We continue to use opportunities like this to improve our incident response. We will also continue to study the reports to identify new hardening features and security improvements to keep all of our Firefox users across the globe protected.
Related Resources
If you’re interested in learning more about Mozilla’s security initiatives or Firefox security, here are some resources to help you get started:
We are pleased to share that Mozilla was awarded the Vanguard “Speedrunner” Award by the Zero Day Initiative (ZDI). This is in regonition to being consistently fast throghout the last 20 years of Zero Day Initiative’s pwn2own events.
“Speedrunner” trophy, awarded to Mozilla Firefox for an outstanding security response during pwn2own.
Here is an update of what Thunderbird’s mobile community has been up to in April 2025. With a new team member, we’re getting Thunderbird for iOS out in the open and continuing to work on release feedback from Thunderbird for Android.
The Team is Growing
Last month we introduced Todd and Ashley to the MZLA mobile team, and now we have another new face in the team! Rafael Tonholo joins us as a Senior Android Engineer to focus on Thunderbird for Android. He also has much experience with Kotlin Multiplatform, which will be beneficial for Thunderbird for iOS as well.
Thunderbird for iOS
We’ve published the initial repository of Thunderbird for iOS! The application doesn’t really do a lot right this moment, since we intend to work very incrementally and start in the open. You’ll see a familiar welcome screen, slightly nicer than Thunderbird for Android and have the opportunity to make a financial contribution.
Testflight Distribution
We’re planning to distribute Thunderbird for iOS through TestFlight. To support that, we’ve set up an Apple Developer account and completed the required verification steps.
Unlike Android, where we maintain separate release and beta versions, the iOS App Store will have a single “Thunderbird” app. Apple prefers not to list beta versions as separate apps, and their review process tends to be stricter. Once the main app is published, we’ll be able to use TestFlight to offer a beta channel.
Before the App Store listing goes live, we’ll use TestFlight to distribute our builds. Apple provides an internal TestFlight option that doesn’t require a review, but it only works if testers have access to the developer account. That makes it unsuitable for community testing.
Initial Features for the Public Testflight Alpha
To share a public TestFlight link, we need to pass an initial App Store review. Apple expects apps to meet a minimum bar for functionality, so we can’t publish something like a simple welcome screen. Our goal for the first public TestFlight build is to support manual account setup and display emails in the inbox. Here are the specifics:
Initial account setup will be manual with hostname/username/password.
There will be a simple message list that will only show the INBOX folder messages, with a sender, subject, and maybe 2–3 preview lines.
You’ll have the opportunity to pull to refresh your inbox.
That is certainly not what you’d call a fully functional email client, but it could qualify for bare minimum functionality required for the Apple review. We have more details and a feature comparison in this document.
In other exciting news, we’re going to build Thunderbird for iOS with JMAP support first and foremost. While support on the email provider side is limited, we start with a modern email stack. This will allow us to build towards some of the features that email from the late 80’s was missing. We’ll be designing the code architecture in a way that adding IMAP support is very simple, so it will ideally follow soon after.
iOS Release Engineering and Localization
We’ve also gone through a few initial conversations on what the release workflow might look like. We’re currently deciding between:
GitHub Actions with Upload Actions (Pro: very open, re-use of some work on the Thunderbird for Android side. Con: Custom work, not many well-supported upload actions)
GitHub Actions with Fastlane (Pro: very open, well-supported, uses the same listing metadata structure we already have on Android. Con: Ruby as yet another language, no prior releng work)
Xcode Cloud (Pro: built in to Xcode, easy to configure, we’ll probably get by with the free tier for quite some time. Con: Not very open, increasing build cost)
Bitrise (Pro: Easy to configure, used by Firefox for iOS, we’ll get some support from Mozilla on this. Con: Can be pricy, not very open)
For now, our release process is pressing a button every once in a while. Xcode makes this very easy, which gives the release operations more time to plan a solution.
For localization, we’re aiming to use Weblate, just as Thunderbird for Android. The strings will mostly be the same, so we don’t need to ask our localizers to do double work.
Thunderbird for Android
We’re still focusing on release feedback by working on the drawer and looking to improve stability. April has very much been focused on onboarding the new team. I’ll keep the updates in this section a bit more brief, as we have less to explore and more to fix
We’ve accepted a new ADR to change the shared modules package from app.k9mail and com.fsck to net.thunderbird. We’ll be doing this gradually when migrating over legacy code.
Ashley has fixed a few keyboard accessibility issues to get started. She has also resolved a crash related to duplicate folder ids in the drawer. Her next projects are improving our sync debug tooling and other projects to resolve stability issues in retrieving emails.
Clément Rivière added initial support for showing hierarchical folders. The work is behind a feature flag for now, as we need to do some additional refactoring and crash fixes before we can release it. You can however try it out on the beta channel.
Fishkin removed a deprecated progress indicator, which provides slightly better support for Android watches.
Rafael fixed an issue related to Outlook/Microsoft accounts. If you have received the “Authentication Unsuccessful” message in the past, please try again on our beta channel.
Shamim continues on his path to refactor and move over some of our legacy code into the new modular structure. He also added support to attach files from the camera, and has resolved an issue in the drawer where the wrong folder was selected.
Timur Erofeev added support for algorithmic darkening where supported. This makes dark mode work better for a wider range of emails, following the same method that is used on web pages.
Wolf has been working diligently to improve our settings and drawer infrastructure. He took a number of much needed detours to refactor legacy code, which will make future work easier. Most notably, we have a new settings system based on Jetpack Compose, where we will eventually migrate all the settings screens to.
That’s a wrap for April! Let us know if you have comments, or see opportunities to help out. See you soon!
Hello from the Thunderbird development team! With some of our time spent onboarding new team members and interviewing for open positions, April was a fun and productive month. Our team grew and we were amazed at how smooth the onboarding process has been, with many contributions already boosting the team’s output.
Gearing up for our annual Extended Support Release
We have now officially entered the release cycle which will become our annual “ESR” at the end of June. The code we’re writing, the features we’re adding, the bugs we’re fixing at the moment should all make their way into the next major update, to be enjoyed by millions of users. This most stable release is used by enterprises, governments and institutions who have specific requirements around consistency, long-term support, and minimized change over time.
If waiting a whole year doesn’t sound appealing to you, our Monthly release may be better suited. It offers access to the latest features, improvements, and fixes as soon as they’re ready. Watch out for an in-app invitation to upgrade or install over ESR to retain your profile settings.
Calendar UI Rebuild
The implementation of the new event dialog hit some challenges in April with the dialog positioning and associated tests causing more than a few headaches when our CI started reporting test failures that were not easy to debug. Not surprising given the 60,000 tests which run for this one patch alone!!
The focus on loading data into the various containers continues, so that we can enable this feature and begin the QA process.
Our 0.2 release will make it into the hands of Daily and QA testers this month, with only a handful of smaller items left in our current milestone, before the “polish” milestone begins. The following items were completed in April:
Connectivity check for EWS accounts
Threading support
Folder updates & deletions in sync
Folder cache cleanup
Folder copy/move
Bug fixes!
Our hope is to include this feature set to users on beta and monthly release in 140 or 141.
The new email account feature was “preffed on” as the default experience for the Daily build but recent changes to our Oauth process have required some rework to this user experience. We’re currently working on designing a UX and associated functionality that can detect whether account autodiscovery requires a password, and react accordingly.
The redesigned UI for Address Book account additions is also underway and planned for release to users on 25th May.
Global Message Database
We welcomed a new team member in April so technical onboarding has been a priority. In addition, a long list of patches landed, with the team focused on refactoring core code responsible for the management of common folders such as Drafts or Sent Mail, and significant changes to nsIMsgPluggableStore.
Time was spent to research and plan a path to tackle dangling folders in May.
To follow their progress, the team maintains documentation in Sourcedocs which are visible here.
New Features Landing Soon
A number of requested features and important fixes have reached our Daily users this month. We want to give special thanks to the contributors who made the following possible…
If you would like to see new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
Firefox Suggest is a feature that displays direct links to content on the web based on what users type into the Firefox address bar. Some of the content that appears in these suggestions is provided by partners, and some of the content is sponsored. It may also include locally-stored items from the user’s history or bookmarks.
In building Firefox Suggest, we have followed our long-standing Lean Data Practices and Data Privacy Principles. Practically, this means that we take care to limit what we collect, and to limit what we pass on to our partners. The behavior of the feature is straightforward–suggestions are shown as you type, and are directly relevant to what you type.
In this post, we wanted to give more detail about what data is needed to provide this feature, and about how we handle it.
What is Firefox Suggest?
The address bar experience in Firefox has long been a blend of results provided by partners (such as the user’s default search provider) and information local to the client (such as recently visited pages). Firefox Suggest augments these data sources with search completions from Mozilla, which it displays alongside the local and default search engine suggestions.
Suggest is currently available by default to users in the following countries:
The United States
The United Kingdom
France
Germany
Poland
Italy
Data Collected by Mozilla for an improved experience
Users with access to Suggest can choose to enable an expanded version of the feature. This feature requires access to additional data and is only available to users who have chosen to opt-in (via an opt-in prompt or their Settings menu). When users have opted in to the improved experience, Mozilla collects the following information to power Firefox Suggest.
Clicks and impressions: Mozilla receives information about the fact that a suggestion was shared. When a user clicks on a suggestion, Mozilla receives notice that a suggested link was clicked.
Location: Mozilla collects city-level location data along with searches, in order to properly serve location-sensitive queries.
Search keywords: Firefox Suggest sends Mozilla information about certain search keywords, which may be shared with partners (after being stripped of any personally identifiable information) to fetch the suggested content and improve the Suggest feature.
How Data is Handled and Shared
Mozilla handles this data conservatively. When passing data on to our partners, we are careful to only provide the partner with the minimum information required to serve the feature.
For example, we only do not share user’s specific search queries (except where the user has signed up for the enhanced experience), and we do not identify which specific user sent the request, or use cookies to track users’ online activity after their search is performed.
Similarly, while a Firefox client’s location can typically be determined from their IP address, we convert a user’s IP address to a more general location immediately after we receive it, and we remove it from all datasets and reports downstream. Access to machines and (temporary, short-lived) datasets that might include the IP address is highly restricted, and limited only to a small number of administrators. We don’t enable or allow analysis on data that includes IP addresses.
If you were to ask my parents or sister what my favourite hobby was as a child, they’d say something along the lines of “sitting in front of our family computer”. I’d spend hours browsing the internet, usually playing Flash games or watching early YouTube videos. Most of my memories of using the computer are now a blur, however, one detail stands out. I distinctly remember that our family computer used Mozilla Firefox as our primary internet browser. So imagine my surprise when I was offered an opportunity to intern here at Mozilla!
In the midst of my third year studying Computer Engineering at the University of Toronto, I had been searching for a 12-month internship to complete our Professional Experience Year (PEY) Co-op credit. Incredibly, I landed the privilege of working at Mozilla for 12 months alongside 17 other students. Coincidentally, one of my closest friends from high school would also be completing his internship at Mozilla too!
As a Software Engineer (SWE) Intern, I had been hired on the Localization (L10N) team, and would be based out of the Toronto office. I had already connected with both my manager, Francesco “Flod” Lodolo, and my mentor, Matjaž Horvat, before my start date. I couldn’t wait to begin my internship, and after I finished my final exam for third year, I began counting the days before my start date.
LGTM! (Onboarding)
From our first day at the office, I knew I was going to love working here. The Toronto office is so vibrant and filled with some truly amazing people! After finishing the office tour with the rest of the interns, we booted up our computers and began installing all our tools. Luckily for me, Ayanaa (who was the previous SWE Intern on the Localization team) was in the office too. She would be here until the end of August, helping to mentor and guide me along the way.
With her help, I got started on some bug fixes in Pontoon, Mozilla’s translation management system. I was mainly using Python (specifically the Django framework) and JavaScript/TypeScript (React) for the duration of the internship. Since I had some prior internship experience with these tools, I was able to hit the ground running, and by the end of my third month I had already completed 12 tickets! Matjaž and Flod were both instrumental in my progress, and with their help, I narrowed down the larger projects I wanted to work on for the rest of my internship.
I also took an interest in web standards within my first few months. Eemeli, the other engineer on our team, was an active contributor to the MessageFormat2 API, a new Unicode standard for localization. With his support, I was able to attend the Working Group’s weekly meetings. These meetings included some of the most influential and experienced people in this domain, spanning across many large companies and organizations.
Our first day tour of the Toronto office!
Coast to Continent to Coast (MozWeek and Work Week)
Around the middle of August, we were given the opportunity to attend MozWeek 2024, which is our annual week-long, company-wide conference. MozWeek 2024 was being held in Dublin, Ireland, so this was my first time ever travelling to Europe! From day one, the atmosphere at The Convention Centre Dublin was electric. I could tell a lot of thought, planning, and care went into creating the best possible experience for all employees. Throughout the week, we attended plenary talks, workshops, and strategic meetings.
Seeing how Mozilla is a remote-first international company, this was the first time I had met any of my full-time colleagues in person. It was so nice to finally see and chat with them outside my laptop screen. We even had our team dinner next to the famous Temple Bar! In our free time, the other interns and I had a blast walking through the streets of Dublin, and exploring what Ireland has to offer.
The interns and I at the MozWeek 2024 Closing Party, hosted at the Guinness Storehouse.
Dublin wasn’t my only travel destination though. Each team meets up once a year in one of Mozilla’s many office spaces across the world. Owing to our remote-first policy, these ‘Work Weeks’ are an opportunity for teams to reflect on the past year and align on OKRs for the coming year. Our Work Week happened in November, in sunny San Mateo, California, marking my first time on the West Coast! The Work Week was a great experience filled with good food, and it was super fun to explore San Francisco in my free time.
L10N team dinner at Porterhouse Restaurant San Mateo!
Building for a Better Web (Projects Overview)
One of my favourite parts of working at Mozilla was that almost all of my work was public-facing. I worked on three major projects during my internship, so here’s a brief description of each:
Pontoon Search
My first major project had me improving Pontoon’s search capabilities. Despite the many filters Pontoon already contained to sift through over 4.5 million strings, there were still no options for common filters like ‘Match Case’ or to limit a search to specific elements, like source text. My job was to create a new full-stack feature to enable users to refine their search queries. By leveraging TypeScript, React, and Django’s ORM capabilities, I created a new search panel with 5 options for users to toggle:
Improving the searching in Pontoon not only made the user experience more streamlined, but also improved Pontoon’s API capabilities, which was later used in the Mozilla Language Portal (see below).
Pontoon Achievement Badges
My second major project involved adding gamification elements into Pontoon. In a nutshell, we wanted to implement achievement badges into Pontoon to recognize contributions made by our vibrant volunteer community, while also further promoting positive behaviours on the platform. Ayanaa had created both the proposal document and technical specification before her term ended, so it was my job to implement the feature. This project mainly involved TypeScript and a bit of Django for counting badge actions, and the initial user feedback was overwhelmingly positive! For more information, check out the blog post I wrote to announce the feature.
Mozilla Language Portal
My final project, and the one I had the most ownership over, was the creation of the Mozilla Language Portal. For a long time, the localization industry was missing a central hub for sharing knowledge, best practices, and searchable translation memories. We decided it was a good idea to leverage our influence to create the Mozilla Language Portal, in hopes to fill this gap and make localization tools themselves more accessible. We decided to create the Portal using Birdbox, an internal tool created by the websites team to quickly spin up Mozilla-branded web pages. The deployment of the Portal was handled primarily through Google Cloud Services and Terraform, which was a whole new set of tools for me to learn. The website itself was made using Wagtail CMS, built on top of Django. With the help of the Websites and Site Reliability Engineering teams, I was able to both create the MVP and deploy the site.
Closing Thoughts
Since taking an anthropology course in my third year of university, I’ve come to appreciate how important human connection and social interactions are, especially in this day and age. Most people would agree that technology (in particular the internet) has now thoroughly integrated itself into the fabric of our societies, so I believe it’s in our collective best interest to keep the internet in a healthy and open state. In recent years, it sadly seems like many bad actors are increasing their influence and control over what should be a vital and protected resource. As one of my long-term goals, I want to focus my career towards improving the internet and using its influence over society for good.
So naturally with this goal in mind, Mozilla’s position as a non-profit organization dedicated to creating an open and accessible web was a perfect fit for me. Coincidentally, Localization was also the perfect team for me. As a very community-facing team, Localization gave me the unique chance to see the direct results of creating technology to make the internet more accessible, and I was able to explore my burning interests such as web standards.
I think it goes without saying that the lessons I learned at Mozilla, both from an engineering perspective and from a community perspective, will stick with me for the rest of my career. Regardless of if I continue to be a SWE in the future, I want to focus on creating technology to grow and help humanity, and thus I’ve promised myself to only work for organizations whose missions I align with.
To me, my time at Mozilla will always be emblematic of my growth: as a student, as an engineer, and as an individual. They say all good things must come to an end, but I oddly don’t feel as though my time at Mozilla is coming to an end. The lessons instilled in me and the drive to keep fighting for an open web won’t ever leave me.
Team photo with everyone! Taken in August 2024
Acknowledgements
I’d like to dedicate this section to my amazing team that has supported me and helped me grow both professionally and personally this past year.
To Ayanaa, thank you for being a great coworker, mentor and friend. I’ve been following the path you carved out, both at Mozilla and beyond, and I’m extremely grateful for all the advice and support you gave me throughout.
To Matjaž, I can’t really put into words how helpful and kind you have been to me. You truly have a talent for mentoring, and I’m so incredibly grateful you were my mentor. I hope you continue to inspire others the way you’ve inspired me. Let’s hope Lebron and Luka can win it all (eventually).
To Flod, your support as my manager has been monumental to my professional development. Thank you for being patient with me, and for supporting all of my interests and endeavors during my term. It sounds cliché, but I truly couldn’t have asked for a better manager.
To Eemeli, thank you for supporting my interest in MessageFormat2. Your great sense of humour will definitely stick with me, and you’ve inspired me to carry on your tradition of taking walks during online meetings.
To Bryan, it was always such a pleasure to speak and work with you. I’m glad I had someone else to nerd-out with about Pokémon! I really appreciate how we could always find something to talk about.
To Peiying, I loved hearing all about your travel anecdotes during MozWeek and our Work Week. I promise to keep my photo blog updated as long as you do too! I hope to see you and Leo again soon.
To Delphine, your enthusiasm and bubbly personality always brought a smile to my face. It was so nice to finally have met you during our Work Week! Congrats again on all your personal achievements in this past year.
And thank you to all the Mozillians I’ve had the privilege to work with this past year, both in the Toronto office and across the globe. I’m sure our paths will cross again! As they say, “once a Mozillian, always a Mozillian”.
*Thanks for reading, and if you’d like to learn more or connect with me, please feel free to add me on LinkedIn*
Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.
Welcome!
Are you a locale leader and want us to include new members in our upcoming reports? Contact us!
What’s new or coming up in Firefox desktop
There are a number of new features launched recently or upcoming in Nightly to look out for.
Smart Tab Grouping
With the recent release of Tab Groups in Firefox 137, we’ll see some additional development on enhancements in the future. Currently only available in English on Nightly, Smart Tab Grouping uses a local AI model to suggest similar tabs to group together.
Link Previews
This feature will be coming to Firefox Labs in 138, Link Previews uses a local AI model to quickly see what’s behind a link, by distilling key points from the page.
Signing in PDFs
You have likely seen these strings while working on Beta, but the ability to add signatures using the built-in PDF editor will be released fully in the upcoming 138 release on April 29.
What’s new or coming up in mobile
We’re adding customization options for Firefox icons on mobile! Some of the icon names may be tricky to localize, so we’ll be sharing a reference sheet that includes each icon along with its visual and contextual usage. This will help you choose the most accurate and user-friendly translations for your locale. Keep an eye out for upcoming Pontoon notifications for more details!
What’s new or coming up in web projects
AMO and AMO Frontend
To enhance user experience, the AMO team has established a minimum translation completion threshold of 80% for locales to remain on production sites. The team will start implementing the new policy in May. Last month, locales with a completion rate of 40% or lower were removed from the production site. However, affected communities can continue making progress in Pontoon, and their status will change once they meet the threshold.
Once this new standard is fully implemented, the addon team will reassess the list of locales on a monthly basis, evaluating those that have met or fallen below the 80% threshold. Based on this review, they will determine which locales to retain and which to remove from the production site. Regardless of your locale’s current status, you can check your work in context using the links to the production, staging, and developer sites which can be found on the top left of the project dashboards.
What’s new or coming up in Pontoon
We’re working on some sizable back-end improvements to how Pontoon internally represents and deals with translatable messages, i.e. source-locale entries and their translations. Thus far we’ve refactored Pontoon’s sync code (how it reads from and writes data to project repositories) and the serialization of our supported file formats; the next step will be replacing our file format parsers.
Mostly this work should remain invisible to users, though it has already allowed us to fix quite a few long-standing bugs and improved sync performance. Eventually, this will make it much easier for us to expand the file formats and features supported by Pontoon.
Events
We are hosting our first localization office hour on Apr 30, 2025 at 3:30pm UTC, it will be live streamed on both AirMozilla and YouTube (recordings can be found at the same links). This session will focus on common errors localizers may encounter and how to overcome them. Feel free to ask questions beforehand via the Google form or reach out directly to delphine at mozilla dot com.
Want to showcase an event coming up that your community is participating in? Contact us and we’ll include it.
Friends of the Lion
Know someone in your l10n community who’s been doing a great job and should appear here? Contact us and we’ll make sure they get a shout-out!
In Designing Data Governance from the Ground Up, author Lauren Maffeo presents data stewardship as a pivotal role in data governance that is focused on maintaining data quality, consistency, and usability. Data stewards, in her view, are operational experts who ensure that data is of the highest quality, aligns with organizational standards, and supports business objectives.
At Mozilla, rather than taking such a broad role in data governance, a data steward’s responsibilities are deeply intertwined with the organization’s commitment to user privacy and ethical data practices. This approach reflects Mozilla’s mission to promote an open and accessible internet while safeguarding user trust.
Maffeo’s Framework: Operational Excellence
Maffeo outlines data stewards as key players in:
Ensuring Data Accuracy: Identifying and correcting data quality issues.
Maintaining Metadata: Documenting data definitions and standards.
Enforcing Policies: Applying data governance policies consistently.
Facilitating Collaboration: Bridging gaps between technical and business teams.
This model emphasizes the importance of data stewards in operationalizing data governance to enhance data quality, decision-making, and organizational efficiency. This work is spread amongst the product, data, data-engineering, and other organizations at Mozilla.
Mozilla’s Approach: Privacy-Centric Stewardship
At Mozilla, data stewards focus on:
Evaluating Data Collection Requests: As outlined in Mozilla’s Data Collection documentation, data stewards are responsible for reviewing proposed data collections to ensure they align with Mozilla’s Data Privacy Principles, which emphasize user control, transparency, and minimal data collection.
Collaborating Across Teams: Working with engineers, product managers, and legal teams to assess the necessity and impact of data collection and helping to ensure the collection is properly categorized and documented in a public way that is accessible to our users.
Advocating for Lean Data Practices: Promoting the collection of only essential data needed to improve user experiences, in line with Mozilla’s commitment to user privacy.
Guiding Data Publishing: Ensuring that any data shared publicly adheres to Mozilla’s Data Publishing policies, which categorize data sensitivity and dictate appropriate aggregation levels to protect user anonymity.
This stewardship model is proactive, emphasizing ethical considerations and user trust over data quality and operational efficiency.
Mozilla’s Data Stewardship in Practice
Mozilla’s data stewards operate within a structured framework that includes:
Data Collection Review: Any new data collection undergoes a review process to assess its necessity, potential privacy impact, and alignment with Mozilla’s principles. This includes ensuring data is correctly categorized by its sensitivity in order to ensure it is properly handled.
User Control and Transparency: Mozilla ensures users have meaningful choices regarding data collection, including the ability to opt-out and have their data deleted.
Public Data Sharing: When publishing data, Mozilla applies rigorous standards to prevent the release of sensitive information, following guidelines outlined in their Data Publishing documentation.
This approach ensures that data stewardship at Mozilla is less focused on managing data, but more about upholding the organization’s core values of user privacy and transparency.
Conclusion
Lauren Maffeo’s framework provides a solid foundation for understanding the operational aspects of data governance. Mozilla’s implementation of data stewardship focuses this role on ethical responsibility and user advocacy. At Mozilla, data stewards are less “custodians of data quality” and more “champions of user privacy”, ensuring that every data-related decision aligns with the organization’s mission to foster an open and trustworthy internet.
If you’re interested in learning more about Mozilla’s data practices or becoming involved in data stewardship initiatives, feel free to reach out to the Data Stewardship team.
In this month’s Community Office Hours, we’re chatting with Vineet Deo, a Software Engineer on the Desktop team, who walks us through the new Account Hub on the Desktop app. If you want a sneak peak at this new streamlined experience, you can find it in the Daily channel now and the Beta channel towards the end of April.
Next month, we’ll be chatting with our director Ryan Sipes. We’ll be covering the new Thunderbird Pro and Thundermail announcement and the structure of MZLA compared to the Mozilla Foundation and Corporation. And we’ll talk about how Thunderbird put the fun in fundraising!
March Office Hours: The New Account Hub
Setting up a new email account in Thunderbird is already a solid experience, so why the update? Firstly, this is the first thing new users will see in the app. Thus, it’s important it has the same clean, cohesive look that is becoming the new Thunderbird design standard. It’s also helpful for users coming from other email clients to have a familiar, wizard-like experience. While the current account setup works well, it’s browser based. This makes it possible a user could exit out before finishing and get lost before they even started. This is the opposite of what we want for potential users!
Vineet and his team are also working to make the new Account Hub ready for Exchange. Likewise, they also have plans for a similar hub to set up new address books and calendars. We’re proud of the collaboration between back and frontend teams, and designers and engineers, to make the Account Hub.
Watch, Read, and Get Involved
But don’t take our word for it! Watch Vineet’s Account Hub talk and demo, along with a Q&A session. If you’re comfortable testing Daily, you can test this new feature now. (Go to File > New > Email Account to start the experience.) Otherwise, keep an eye on our Beta release channel at the end of April. And if you’re watching this after Account Hub is part of the regular release, now you know the feature’s story!
Hello, everyone, and welcome to the Thunderbird for Android March 2025 Progress Report. We’re keeping our community updated on everything that’s been happening in the Android team, which is quickly becoming a more general mobile team with some recent hires. In addition to team news, we’re talking about our roadmap board on GitHub.
Team Changes
In March we said goodbye to cketti, the K-9 Mail maintainer who joined the team when Thunderbird first announced plans for an Android app. We’re very grateful for everything he’s created, and for his trust that K-9 Mail and Thunderbird for Android are in good hands. But we also said hello to Todd Heasley, our new iOS engineer, who started March 26. We also have just added Ashley Soucar, an Android/iOS engineer, who joined us on April 7. If all continues to go well, we’ll also be adding another Android engineer in the next couple of weeks.
Our Roadmap Board
Our roadmap board is now available! We’re grateful to the Council for their trust and support in approving it. As the board will reflect any changes in our planning, this is the most up-to-date source for our upcoming development. Each epic will show its objective and what’s in scope – and as importantly, what’s out of scope. The project information on the side will tell you if an epic is in the backlog or work in progress.
If you’d like to know what we’re working on right now, check out our sprint board.
Contribute by Triaging GitHub Issues
One way to contribute to Thunderbird for Android is by triaging open GitHub Issues. In March, we did a major triage with over 150 issues closed as duplicates, marked with ‘works for me,’ or elevating them up to the efforts and features described in the roadmap above. Especially since we’re a small team, triaging issues helps us know where to act on incoming issues. This is a great way to get started as a Thunderbird for Android contributor.
To start triaging bugs, have a look at the ‘unconfirmed’ issues. Try to reproduce the issue to help verify that the issue exists. Then add a comment with your results and any other information you found that might help narrow down the issue. If you see users generally saying “it doesn’t work”, ask them for more details or to enable logs. This way we know when to remove the unconfirmed label. If you have questions along the way or need someone to confirm a thought you had, feel free to ask in the community support channel.
Account Drawer
Our main engineering focus in March has been the account drawer we shared screenshots on in the January/February update. Given the settings design includes a few non-standard components, we took the opportunity to write a modern settings framework based on Jetpack Compose and make use of it for the new drawer. There will be some opportunities to contribute here in the future, as we’d like to migrate our old settings UI to the new system.
We have a few crashes and rough edges to polish, but are very close to enabling the feature flag in beta. If you aren’t already using it and want to get early access, install our beta today.
I’d also like to call out a pull request by Clément, who contributed support for a folder hierarchy. The amazing thing here—our design folks were working out a proposal because we were interested in this as well, and without knowing, Clément came up with the same idea and came in with a pull request that really hit the spot. Great work!
Community Contributions
In addition to the folder hierarchy mentioned above, here are a few community activities in March:
Shamim made sure the Unified Inbox shows up when you add your second account, retained scroll position in the drawer when rotating, removed font size customizations in favor of Android OS controls, flipped the default for being notified about new email and helped out with a few refactorings to make our codebase more modern.
Sergio has improved back button navigation when editing drafts.
Salkinnoma made our workflow runs more efficient and fixed an issue in the find folders view where a menu item was incorrectly shown.
Smatek improved our edge to edge support by making the bottom Android navigation bar background transparent
Husain fixed some inconsistencies when toggling “Show Unified Inbox”.
Vayun has begun work to update the Thunderbird for Android app widgets to Jetpack compose (including dark theming)
SttApollo has made the logo size more dynamic in the onboarding screen.
This is quite a list, great work! When you think about Thunderbird for Android or K-9 Mail, what was the last major annoyance you stumbled upon? If you are an Android developer, now is a good time to fix it. You’ll see your name up here next time as well
Hello again Thunderbird Community! It’s been almost a year since I joined the project and I’ve recently been enjoying the most rewarding and exciting work days in recent memory. The team who works on making Thunderbird better each day is so passionate about their work and truly dedicated to solving problems for users and supporting the broader developer community. If you are reading this and wondering how you might be able to get started and help out, please get in touch and we would love to get you off the ground!
Paddling Upstream
As many of you know, Thunderbird relies heavily on the Firefox platform and other lower-level code that we build upon. We benefit immensely from the constant flow of improvements, fixes, and modernizations, many of which happen behind the scenes without requiring our input.
The flip side is that changes upstream can sometimes catch us off guard – and from time to time we find ourselves firefighting after changes have been made. This past month has been especially busy as we’ve scrambled to adapt to unexpected shifts, with our team hunting down places to adjust Content Security Policy (CSP) handling and finding ways to integrate a new experimental whitespace normalizer. Very much not part of our plan, but critical nonetheless.
Calendar UI Rebuild
The implementation of the new event dialog is moving along steadily with the following pieces of the puzzle recently landing:
Title
Border
Location Row
Join Meeting button
Time & Recurrence
The focus has now turned to loading data into the various containers so that we can enable this feature later this month and ask our QA team and Daily users to help us catch early problems.
We’re aiming to get a 0.2 release into the hands of Daily and QA testers by the end of April so a number of remaining tasks are in the queue – but March saw a number of features completed and pushed to Daily
This feature was “preffed on” as the default experience for the Daily build but recent changes to our Oauth process have required some rework to this user experience, so it won’t hit beta until the end of the month. It’s beautiful and well worth considering a switch to Daily if you are currently running beta.
Global Message Database
The New Zealand team completed a successful work week and have since pushed through a significant chunk of the research and refactoring necessary to integrate the new database with existing interfaces.
The patches are pouring in and are enabling data adapters, sorting, testing and message display for the Local Folders Account, with an aim to get all existing tests to pass with the new database enabled. The path to this goal is often meandering and challenging but with our most knowledgeable and experienced team members dedicated to the project, we’re seeing inspiring progress.
The team maintains their documentation in Sourcedocs which are visible here.
In-App Notifications
A few last-minute changes were made and uplifted to our ESR version early this month so if you use the ESR and are in the lucky 2% of users targeted, watch out for an introductory notification! We’ve also wrapped up work on two significant enhancements which are now on Daily and will make their way to other releases over the course of the month:
Granular control of notifications by type via EnterprisePolicy
Enhanced triggering mechanism to prevent launch when Thunderbird is in the background
A number of requested features and important fixes have reached our Daily users this month. We want to give special thanks to the contributors who made the following possible…
As usual, if you want to see and use new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.
Today we’re pleased to announce what many in our open source contributor community already know. The Thunderbird team is working on an email service called “Thundermail” as well as file sharing, calendar scheduling and other helpful cloud-based services that as a bundle we have been calling “Thunderbird Pro.”
First, a point of clarification: Thunderbird, the email app, is and always will be free. We will never place features that can be delivered through the Thunderbird app behind a paywall. If something can be done directly on your device, it should be. However, there are things that can’t be done on your computer or phone that many people have come to expect from their email suites. This is what we are setting out to solve with our cloud-based services.
All of these new services are (or soon will be) open source software under true open source licenses. That’s how Thunderbird does things and we believe it is our super power. It is also a major reason we exist: to create open source communication and productivity software that respects our users. Because you can see how it works, you can know that it is doing the right thing.
The Why for offering these services is simple. Thunderbird loses users each day to rich ecosystems that are both products and services, such as Gmail and Office365. These ecosystems have both hard vendor lock-ins (through interoperability issues with 3rd-party clients) and soft lock-ins (through convenience and integration between their clients and services). It is our goal to eventually have a similar offering so that a 100% open source, freedom-respecting alternative ecosystem is available for those who want it. We don’t even care if you use our services with Thunderbird apps, go use them with any mail client. No lock-in, no restrictions – all open standards. That is freedom.
What Are The Services?
Thunderbird Appointment
Appointment is a scheduling tool that allows you to send a link to someone, allowing them to pick a time on your calendar to meet. The repository for Appointment has been public for a while and has seen pretty remarkable development so far. It is currently in a closed Beta and we are letting more users in each day.
Appointment has been developed to make meeting with others easier. We weren’t happy with the existing tools as they were either proprietary or too bloated, so we started building Appointment.
Thunderbird Send
Send is an end-to-end encrypted file sharing service that allows you to upload large files to the service and share links to download those files with others. Many Thunderbird users have expressed interest in the ability to share large files in a privacy-respecting way – and it was a problem we were eager to solve.
Thunderbird Send is the rebirth of Firefox Send – well, kind of. At this point, we have a bit of a Ship of Theseus situation – having rebuilt much of the project to allow for a more direct method of sharing files (from user-to-user without the need to share a link). We opened up the repo to the public earlier this week. So we encourage everyone interested to go and check it out.
Thunderbird Send is currently in Alpha testing, and will move to a closed Beta very soon.
Thunderbird Assist
Assist is an experiment, developed in partnership with Flower AI, a flexible open-source framework for scalable, privacy-preserving federated learning, that will enable users to take advantage of AI features. The hope is that processing can be done on devices that can support the models, and for devices that are not powerful enough to run the language models locally, we are making use of Flower Confidential Remote Compute in order to ensure private remote processing (very similar to Apple’s Private Cloud Compute).
Given some users’ sensitivity to this, these types of features will always be optional and something that users will have to opt into. As a reminder, Thunderbird will never train AI with your data. The repo for Assist is not public yet, but it will be soon.
Thundermail
Thundermail is an email service (with calendars and contacts as well). We want to provide email accounts to those who love Thunderbird, and we believe that we are capable of providing a better service than the other providers out there. Email that aligns with our values of privacy, freedom and respect of our users. No ads, no selling or training AI on your data – just your email and it is youremail.
With Thundermail, it is our goal to create a next generation email experience that is completely, 100% open source and built by all of us, our contributors and users. Unlike the other services, there will not be a single repository where this work is done. But we will try and share relevant places to contribute in future posts like this.
The email domain for Thundermail will be Thundermail.com or tb.pro. Additionally, you will be able to bring your own domain on day 1 of the service.
Heading to thundermail.com you will see a sign up page for the beta waitlist. Please join it!
Final Thoughts
Don’t services cost money to run?
You may be thinking: “this all sounds expensive, how will Thunderbird be able to pay for it?” And that’s a great question! Services such as Send are actually quite expensive (storage is costly). So here is the plan: at the beginning, there will be paid subscription plans at a few different tiers. Once we have a sufficiently strong base of paying users to sustainably support our services, we plan to introduce a limited free tier to the public. You see this with other providers: limitations are standard as free email and file sharing are prone to abuse.
It’s also important to highlight again that Thunderbird Pro will be a completely separate offering from the Thunderbird you already use. While Thunderbird and the additional new services may work together and complement each other for those who opt in, they will never replace, compromise, or interfere with the core features or free availability of Thunderbird. Nothing about your current Thunderbird experience will change unless you choose to opt in and sign up with Thunderbird Pro. None of these features will be automatically integrated into Thunderbird desktop or mobile or activated without your knowledge.
The Realization of a Dream
This has been a long time coming. It is my conviction that all of this should have been a part of the Thunderbird universe a decade ago. But it’s better late than never. Just like our Android client has expanded what Thunderbird is (as will our iOS client), so too will these services.
Thunderbird is unique in the world. Our focus on open source, open standards, privacy and respect for our users is something that should be expressed in multiple forms. The absence of Thunderbird web services means that our users must make compromises that are often uncomfortable ones. This is how we correct that.
I hope that all of you will check out this work and share your thoughts and test these things out. What’s exciting is that you can run Send or Appointment today, on your own server. Everything that we do will be out in the open and you can come and help us build it! Together we can create amazing experiences that enhance how we manage our email, calendars, contacts and beyond.
Thank you for being on this journey with us.
—
Ryan Sipes Managing Director of Product Thunderbird
What happens when AI systems fail? Who should be held responsible when they cause harm? And how can we ensure that people harmed by AI can seek redress?
As AI is increasingly integrated in products and services across sectors, these questions will only become more pertinent. In the EU, a proposal for an AI Liability Directive (AILD) in 2022 catalyzed debates around this issue. Its recent withdrawal by the European Commission leaves a wide range of open questions to linger as businesses and consumers will need to navigate fragmented liability rules across the EU’s 27 member states.
To answer these questions, policymakers will need to ask themselves: what does an effective approach to AI and liability look like?
New research published by Mozilla tackles these thorny issues and explores how liability could and should be assigned across AI’s complex and heterogeneous value chain.
Solving AI’s “problem of many hands”
The report, commissioned from Beatriz Botero Arcila — a professor at Sciences Po Law School and a Faculty Associate at Harvard’s Berkman Klein Center for Internet and Society — explores how liability law can help solve the “problem of many hands” in AI: that is, determining who is responsible for harm that has been dealt in a value chain in which a variety of different companies and actors might be contributing to the development of any given AI system. This is aggravated by the fact that AI systems are both opaque and technically complex, making their behavior hard to predict.
Why AI Liability Matters
To find meaningful solutions to this problem, different kinds of experts have to come together. This resource is designed for a wide audience, but we indicate how specific audiences can best make use of different sections, overviews, and case studies.
Specifically, the report:
Proposes a 3-step analysis to consider how liability should be allocated along the value chain: 1) The choice of liability regime, 2) how liability should be shared amongst actors along the value chain and 3) whether and how information asymmetries will be addressed.
Argues that where ex-ante AI regulation is already in place, policymakers should consider how liability rules will interact with these rules.
Proposes a baseline liability regime where actors along the AI value chain share responsibility if fault can be demonstrated, paired with measures to alleviate or shift the burden of proof and to enable better access to evidence — which would incentivize companies to act with sufficient care and address information asymmetries between claimants and companies.
Argues that in some cases, courts and regulators should extend a stricter regime, such as product liability or strict liability.
Analyzes liability rules in the EU based on this framework.
Why Now?
We have already seen examples of AI causing harm, from biased automated recruitment systems to predictive AI tools used in public services and law enforcement generating faulty outputs. As the number of such examples will increase with AI’s diffusion across the economy, affected individuals should have effective ways of seeking redress and justice — as we have already argued in our initial response to the AILD proposal in 2022 — and businesses should be incentivized to take sufficient measures to prevent harm. At the same time, they should not be overburdened with ineffective rules and have legal certainty rather than facing a patchwork of varying rules across different jurisdictions in which they operate. A well-designed, targeted, and robust liability regime for AI could address all of these challenges — and we hope the research released today can contribute to a more grounded debate around this issue.
The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to a new signing subkey shortly.
The GPG fingerprint is 14F2 6682 D091 6CDD 81E3 7B6D 61B7 B526 D98F 0353. The new signing subkey’s fingerprint is 09BE ED63 F346 2A2D FFAB 3B87 5ECB 6497 C1A2 0256, and it expires 2027-03-13.
The public key can be fetched from KEY files from the latest Firefox Nightly, keys.openpgp.org, or from below. This can be used to validate existing releases signed with the current key, or future releases signed with the new key.
Our first edition of Mozilla Mornings in 2025 will explore the state of online advertising and what needs to change to ensure a fairer, healthier, and privacy-respecting ads ecosystem where everyone stands to benefit.
The European regulatory landscape for online advertising is at a turning point. Regulators step up enforcement under the GDPR, the DMA and the DSA and industry players explore alternatives to cookies. Despite these advancements, online advertising remains an area where users do not experience strong privacy protections, and the withdrawal of the ePrivacy Regulation proposal can only exacerbate these concerns.
The industry’s reliance on invasive tracking, excessive profiling, and opaque data practices makes the current model deeply flawed. At the same time, online advertising remains central to the internet economy, supporting access to information, content creators, and journalism.
This Mozilla Mornings session will bring together policymakers, industry experts and civil society to discuss how online advertising can evolve in a way that benefits both users and businesses.
How can we move towards a more privacy-respecting and transparent advertising ecosystem while maintaining the economic sustainability of the open web?
How can regulatory reforms, combined with developments in the space of Privacy-Enhancing Technologies (PETs) and Privacy-Preserving Technologies (PPTs), provide a viable alternative to today’s surveillance-based advertising?
And what are the key challenges in making this shift at both the policy and technological levels?
To discuss these issues, the panel will welcome:
Rob van Eijk, Managing Director at Future of Privacy Forum
Svea Windwehr, Associate Director Public Policy at Electronic Frontier Foundation
Petra Wikström, Senior Director Public Policy at Schibsted
Martin Thomson, Distinguished Engineer at Mozilla
The discussion will also feature a fireside chat with Prof. Dr. Max von Grafenstein from Einstein Center Digital Future at the UdK Berlin.
Marshmallows are for team players — A light-hearted, Severance-inspired icebreaker
Let’s be real — most icebreakers are cringe with a capital C. But instead of pretending we’re above it, what if we just… leaned into the weird? That’s my plan for our upcoming workweek. Severance just wrapped (what a finale, am I right?!), and the vibe is spot-on: relevant, bizarre in the best way, and blessedly spoiler-free. So I channeled my inner Milchick, grabbed some marshmallows, and cooked up something that might just be weird enough to stand out from the usual “ugh, another icebreaker” routine.
Here’s how to run your own “Marshmallows Are for Team Players” session:
<figcaption>Image via Apple TV+</figcaption>
Set the Mood (2 min)
Start with a little corporate dystopia ambiance:
Play the Severance theme music for 10–15 seconds.
Then roll the iconic clip of Milchick saying:
<figcaption>“Marshmallows are for team players, Dylan.”</figcaption>
3. With a grin, tell your team: “That’s right. Marshmallows are for team players.”
Explain the Rules (1 min)
We’ve got marshmallows — but they’re not free. To earn one, you need to give a shoutout to a teammate who was a great collaborator this week.
It could be anything — big impact, quiet kindness, or someone who brought great vibes to a meeting.
Tell them: “Try to keep it to one kudos each so we have time for everyone — but if you really need to sneak in an extra one, I won’t stop you.”
The Kudos Round (5–10 min)
Go popcorn style — whoever goes gives kudos, grabs a marshmallow, then calls on the next person.
Each person:
Shares a kudos
Collects a marshmallow
Picks who goes next
Bonus rule: If someone gives kudos and gets one, they can take two marshmallows. Double win.
The Marshmallow Club Photo (2 min)
Wrap it up with a team pic:
“Grab your marshmallow, hold it up like it’s your Severance badge, and let’s get a group photo. Smile like Milchick!”
Behold: the Marshmallow Club Everyone here earned their marshmallow by lifting someone else up. True team player behavior.
We’ve also unlocked a new emoji: :milchick-approves: Use it to celebrate kudos, overachievers, or extreme corporate joy.
Praise Kier.
Try It Yourself
All it takes is a playlist, a clip, a bag of marshmallows — and a bit of satire. Give it a go at your next team meeting or offsite. Just don’t forget the group photo. Milchick is watching.
Have your own twist on this idea? Or another ridiculous icebreaker that weirdly worked? Drop it in the comments or DM me — I’m always collecting ideas.
Mozilla envisions a future where the internet is a truly global public resource that is open, accessible, and safe for all. An internet that benefits people using online services, prioritizes the right to privacy, and enables economic dynamism. Our commitment to this vision stems from Mozilla’s foundational belief that the internet was built by people, for people and that its future should not be dictated by a few powerful organizations.
When technology is developed solely for profit, it risks causing real harm to people. True choice and control for Americans can only be achieved through a competitive ecosystem with a range of services and providers that foster innovation. However, today’s internet is far from this ideal state, and without action, is only set to become increasingly consolidated in the age of AI.
Today, Mozilla is setting out our 2025 – 2026 Policy Vision for the United States as we look to a new administration and a new congress. Our policy vision is anchored in our guiding principles for a healthy internet, and outlines policy priorities that we believe should be the ‘north star’ for U.S. policymakers and regulators. Some recommendations are long overdue, while others seek to ensure the development of a healthy and competitive internet moving forward.
Here’s how we can work together to make this happen.
Priority 1: Openness, Competition, and Accountability in AI
Promoting open source policies and approaches in AI has the potential not just to create technology that benefits individuals, but also to make AI systems safer and more transparent. Open approaches and public investment can spur increased research and development, create products that are more accessible and less vulnerable to cyberattacks, and help to catalyze investment, job creation, and a more competitive ecosystem. Mozilla’s key recommendations include:
Increase government use of, and support for, open-source AI. The U.S. federal government procures billions of dollars of software every year. The government should use these resources to promote and leverage open source AI when possible, to drive growth and innovation.
Develop and fund public AI infrastructure. Supporting initiatives like the National AI Research Resource (NAIRR) and the Department of Energy’s FASST program is crucial for developing public AI infrastructure that provides researchers and universities with access to AI tools, fosters innovation and ensures benefits for all.
Grow the AI talent ecosystem. It is critical that America invests in education programs to grow the domestic AI talent ecosystem. Without this talent, America will face serious difficulties competing globally.
Provide access to AI-related resource consumption data. At its current growth trajectory, AI could end up consuming tremendous amounts of natural resources. The government should work with the AI industry (from semiconductor developers to cloud providers to model deployers) to provide open access to resource consumption data and increase industry transparency; this can help to prevent expensive and dangerous grid failures and could lead to lower energy prices for consumers.
Clarify a federal position on open source AI export controls that maintains an open door for innovation. By affirming a federal position on open source AI export controls to reflect those of NTIA, and emphasizing the benefits of open models, the administration can spur further advancement in the field.
Priority 2: Protecting Online Privacy and Ensuring Accountability
Today’s internet economy is powered by people’s information. While this data can deliver massive innovation and new services, it can also put consumers and trust at risk. Unchecked collection and opaque practices can leave people susceptible to deceptive and invasive practices, and discrimination online. The rise of generative AI makes the issue of online privacy more urgent than ever.
Mozilla believes that privacy and innovation can coexist. With action and collaboration, policymakers can shift the internet economy toward one that prioritizes users’ rights, transparency, and trust — where privacy is not a privilege but a guarantee for all. We recommend that policymakers:
Pass strong comprehensive federal privacy legislation and support state efforts. Congress must enact a sufficiently strong comprehensive federal privacy law that addresses AI-specific privacy protections, upholds data minimization, ensures the security protections that encryption provides, and covers children and adults, setting a high bar for meaningful protections. This is how Congress can create an environment where people can truly benefit from the technologies they rely on without paying the premium of exploitation of their personal data. States should also move to enact strong laws to fill the gap and protect their constituents.
Support the adoption of privacy-enhancing technologies (PETs). This includes funding NIST and the National Science Foundation to advance fundamental and applied research, while establishing strong privacy protections that incentivize companies to prioritize PETs. The global standards development and consensus process is essential for privacy preserving technologies to develop in a sustainable manner, in particular around areas like advertising. Legislation can also incentivize companies to adopt more privacy-preserving business practices, ultimately benefiting users and supporting their right to privacy online.
Provide necessary resources and tools to data privacy regulators. Congress and the administration must enable and empower relevant federal regulators by providing additional resources and authorizations to facilitate privacy-related investigations and enforcement. Efforts should, in particular, target data brokers who traffic sensitive data.
Support critical independent research. Policymakers should ensure meaningful access to important data from major platforms for academia and civil society, enabling better research into big tech’s harms and stronger accountability. Transparency efforts like the bipartisan Platform Accountability and Transparency Act (PATA) are essential to advancing transparency while protecting public-interest research. Expanding such legislation to include AI platforms and model providers is critical to addressing privacy-related harms and ensuring accountability in the evolving digital landscape.
Respect browser opt-out signals. We encourage lawmakers at the state and federal level to support key privacy tools, like the Global Privacy Control (GPC) that Firefox uses. Mozilla supports bills like California’s AB 566, which would require browsers and mobile operating systems to include an opt-out setting. We encourage lawmakers at the state and federal level to advance this key privacy tool in law and meet the expectations that consumers rightly have about treatment of their personal information.
Priority 3: Increasing Choice for Consumers
Real choice and control for consumers require an open, fair, and competitive ecosystem where diverse services and providers can thrive.
Updated competition laws – and an understanding of the importance of competition at every layer of the ecosystem – are essential for the internet to be private, secure, interoperable, open, transparent, and to balance commercial profit with public benefit. Mozilla is committed to this future. To achieve this, we must advance the below.
Update antitrust legislation to address anti-competitive business practices, such as harmful self-preferencing, that stymie innovation and limit consumer choice. Congress must pass antitrust legislation that addresses these practices and provides the necessary resources, expertise, and authority to relevant regulatory agencies.
Tackle harmful design practices. Harmful deceptive design practices not only manifest at the interface level, but also deeper at the operating system level – particularly in cases of vertical integration of services and features. Deploying manipulative, coercive, and deceptive tactics such as aggressive and misleading prompts, messages, and pop-ups risk overriding user choice entirely. Policymakers must hold bad actors accountable.
Foster competition across the ecosystem. Independent browser and browser engine developers, like Mozilla, have a long history of innovating and offering privacy- and security-conscious users a meaningful alternative to big tech browser engines. Policymakers should recognize the importance of independent browsers and browser engines in maintaining a safe, open, and interoperable web that provides meaningful choice.
So what is the path forward?
We see our vision as a roadmap to a healthier internet. We recognize that achieving this vision means engaging with legislators, regulators, and the wider policy community. Mozilla remains committed to our mission to ensure the internet is a space for innovation, transparency, and openness for all.
Beginning in version 138, Firefox will offer an alternative to DLL injection for Data Loss Prevention (DLP) deployments in enterprise environments.
DLL Injection
DLL injection into Firefox is a topic we’ve covered on the Hacks blog before. In 2023, we blogged about the Firefox capability to let users block third-party DLLs from being loaded. We explained what DLL injection is, how we deal with problematic third-party modules, our about:third-party page, and our third-party injection policy. Earlier, in 2019, we released a study of DLL injection Firefox bugs in collaboration with Polytechnique Montréal. We return to this topic now, in the context of enterprise Firefox installations.
First, a reminder of what DLL injection is and why it continues to be problematic. DLL injection is the term we use to describe third-party Windows software injecting its own DLL module code into Firefox. Third parties develop DLLs for injecting into applications to extend their functionality in some way. This is prevalent in the Windows ecosystem. When third-party code is injected, the injected code interacts with the internals of the application. While it is not unusual for software to work together, and the internet is built on software interoperating over documented standards, DLL injection differs in that the undocumented internals of an application are not intended to be a stable interface. As such, they are a poor foundation to build software products on. When the underlying application is changed, it can result in incompatibilities, leading to crashes or other unexpected behavior. In a modern web browser like Firefox, new features and fixes, big and small, are developed and released on a monthly schedule. Normal browser development can therefore cause incompatibilities with injected software, resulting in Firefox crashes, bypassing of security features, or other unpredictable buggy behavior. When these problems arise, they require emergency troubleshooting and engineering of workarounds for users until the problems are addressed by software updates. This often requires collaboration between the browser and the third-party application’s developers. The type of software injected into Firefox varies from small open source projects to widely-deployed enterprise security products. In an attempt to eliminate some of the most difficult DLL injection issues, we’ve turned our attention to Data Loss Prevention enterprise applications.
Data Loss Prevention (DLP) in the Enterprise
Data Loss Prevention (DLP) products are a type of software that is widely deployed by organizations to prevent unintended leaks of private data. Examples of private data include customer records such as names, addresses, credit card information or company secrets. Much like how anti-virus software is deployed across a corporation’s fleet of laptops, so too is DLP software. These deployments have become increasingly common, in large part due to compliance and liability concerns.
How does this relate to Firefox? DLP software typically uses DLL injection to monitor applications such as Firefox for activity that might leak private data. This only applies to specific operations that can leak sensitive information such as file uploads, pasting (as in copy-and-paste), drag-and-drop, and printing.
DLP and Firefox Today
Today, DLP software typically monitors Firefox activity via DLL injection as described above. Firefox and web browsers are not unique in this respect, but they are heavily used and under constant development, making DLL injection more dangerous. DLP software is typically deployed to a fleet of corporate computers that are managed by an IT department. This includes deployment of the software that injects into applications. DLP vendors take efforts to ensure that their products are compatible with the latest version of Firefox by testing beta versions and updating their DLLs as needed, but problems still occur regularly. A common issue is that a problem is encountered by corporate users who report the problem to their IT department. Their IT staff then work to debug the problem. They may file a bug report with Firefox or the DLP vendor. When a Firefox bug is filed, it can be a challenge for Mozilla to determine that the bug was actually caused by external software. When we learn of such problems, we alert the vendor and investigate workarounds. In the interim, users have a poor experience and may have to work around problems or even use another browser. When the browser is not functional, the problem becomes a high severity incident where support teams work as quickly as possible to help restore functionality.
Browsing Privacy
When users browse on company-owned computers, their browsing privacy is often subject to corporate-mandated software. Different regions have different laws about this and the disclosures required, but on a technical level, when the device is controlled by a corporation, that corporation has a number of avenues at its disposal for monitoring activity at whatever level is dictated by corporate policy. Firefox is built on the principle that browsing activity belongs only to the user, but as an application, it cannot reasonably override the wishes of the device administrator. Insofar as that administrator has chosen to deploy DLP software, they will expect it to work with the other software on the device. If a well-supported mechanism is not available, they will either turn to opaque and error-prone methods like DLL injection, or replace Firefox with another browser.
What’s New – Reducing DLL Injection in the Enterprise
Starting with Firefox 138, DLP software can work with Firefox without the use of DLL injection. Firefox 138 integrates the Content Analysis SDK and it can be enabled with Enterprise Policies. The SDK, developed by Google and used in Chrome Enterprise, is a lightweight protocol between the browser and a DLP agent, with the implementation being browser-specific. In other words, Firefox has its own implementation of the protocol. The integration allows Firefox to interact with DLP software while reducing the injection of third-party code. This will improve the stability for Firefox users in the enterprise and, as more DLP vendors adopt the SDK, there will be less third-party code injected into Firefox. With vendors and browsers using the same SDK, vendors can know that a single DLP agent implementation will be compatible with multiple browsers. During development of the Firefox implementation, we’ve been working with some leading DLP vendors to ensure compatibility. In addition to stability, Firefox will display an indicator when the DLP SDK is used, providing more transparency for users.
For Enterprise Use
Firefox will only enable the Content Analysis SDK in configurations where a Firefox Enterprise Policy is used. Firefox Enterprise Policies are used by organizations to configure Firefox settings across a fleet of computers. They allow administrators to configure Firefox, for example, to limit which browser extensions can be installed, set security-related browser settings, configure network proxy settings, and more. You can learn more about Firefox Enterprise Policies on our support article Enforce policies on Firefox for Enterprise.
Collected here are the most recent blog posts from projects all over the Mozilla community.
The content here is unfiltered and uncensored, and represents the views of community members.
Individual posts are owned by their authors -- see original source for licensing information.
<figcaption class="wp-element-caption">Members of the Fox Recap team at California State University, Monterey Bay, presenting their capstone project. Pictured (left to right): Taimur Hasan, Mozilla community manager Matt Cool, Kate Sawtell, and Diego Valdez. Not pictured: Peter Mitchell.</figcaption>
<figcaption class="wp-element-caption">Create and switch between different browsing setups</figcaption>
<figcaption class="wp-element-caption">Search what you see with a simple right-click on an image</figcaption>
<figcaption class="wp-element-caption">Cover credit: Photography by Spencer Lowell for TIME
</figcaption>
<figcaption class="wp-element-caption"> Customize your billionaire avatar at 
<figcaption class="wp-element-caption">Try out your billionaire in our AR holobox at TwitchCon booth #2805</figcaption>
In response to feedback we’ve heard from the community, AMO (
The developer community should be aware we’ve detected a phishing campaign targeting AMO (
There has also been a bunch of Java/Kotlin conversion going on, and some refactoring in the local search code. Above mentioned work on the drawer and documentation was also Wolf’s work. 
<figcaption>Image via Apple TV+</figcaption>
<figcaption>“Marshmallows are for team players, Dylan.”</figcaption>