Restricting user actions - Thunderbird

From MozillaZine Knowledge Base

This article was written for Thunderbird but also applies to Mozilla Suite / SeaMonkey (though some menu sequences may differ).

Periodically a corporate administrator asks in the forums how to prevent their users from doing something with Thunderbird (such as installing an add-on) in order to make it easier to support. In general, you can't prevent a knowledgeable user from using all of the features of Thunderbird because they can work around any restrictions by either installing a new version of Thunderbird, creating a new profile, editing or deleting the optional userChrome.css file, disabling an add-on, or creating another instance of something. They can also use Portable Thunderbird to work around any restrictions on installing a program, writing to the Windows registry, or being able to alter the contents of the profiles.ini file. While Portable Thunderbird is designed for a roving user who stores both Thunderbird and their profile on a removable USB drive, nothing prevents a user from installing it on their hard disk.

The best solution is typically to encourage other solutions to the user's problem (rather than trying to prevent a user from doing something) and to use remote deployment tools to help somebody recover from shooting themselves in the foot.

The Menu Editor add-on is mentioned several times in this article. It is listed as a Firefox add-on but it also works with Thunderbird. There is a convention that if a Mozilla add-on supports multiple applications it will list an abbreviation for the name of each supported application in the filename. If you right-click on the "Add to Firefox" button on the add-on's web page and choose "Save link as" in the context menu, you should see a menu_editor-1.2.7-fx+tb.xpi filename. 'fx' means it supports Firefox. 'tb' means it supports Thunderbird.

Disable a menu command

Use the Menu Editor add-on. However, somebody could disable that add-on or run Thunderbird in safe mode to temporarily disable all add-ons. If you hide the add-on (so that it doesn't appear in the Add-ons window) by installing it in the program directory, they could learn how to find and delete that extension's directory or learn how to transfer their data to a new profile.
If you wanted to disable Tools -> Account Settings without using an add-on, you could create a userChrome.css file that contained menuitem[label="Account Settings..."] {display: none;}. However, a user could edit or delete that file, or (if they don't understand how you disabled it) just transfer their data to a new profile.

Disable a context menu

The Menu Editor add-on has a text file that you can edit to modify menu commands that aren't listed in the GUI. The Menu Editor is listed as a Firefox add-on but it works with Firefox and Thunderbird. You can tell by right-clicking on it and selecting "Save link as": the filename menu_editor-1.2.7-fx+tb.xpi has both an fx (for Firefox) and a tb (for Thunderbird). Add-ons that support multiple Mozilla applications follow that type of naming convention. [1]

Hide a button

If you wanted to hide the Show Password button you could create a userChrome.css file that contained button#togglePasswords { display: none !important }. However, a user could edit or delete that file, or (if they don't understand how you disabled it) just transfer their data to a new profile. [2]

Force a user to only use the LDAP server for an address book

You can configure Thunderbird to use a LDAP server as the personal address book. However, that doesn't stop a user from adding other address books (using .mab files on the hard disk) and configuring the contacts pane, the message filters and junk mail controls to use that address book instead. [3]

Prevent a user from installing any add-ons

You can use the Menu Editor extension to disable the Tools -> Add-ons menu command, but a user could launch Thunderbird with a -safe-mode command line argument to temporarily disable all add-ons, letting them disable or uninstall that add-on. They could also use the profile manager to create a new profile and transfer just their messages, settings, and address books to it. [4]

Prevent a user from installing any add-ons other than the recommended ones

You could create a hidden extension installed in the program directory that gets notified of attempts to install add-ons and checks them against a list of approved add-ons. However, a user could install another copy of Thunderbird or learn how to find and delete the hidden extension. [5]
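
Because a hidden extension can be deleted and a new profile sidesteps it, an administrator can instead audit what is installed from a deployment tool. The following is an added example, not code from the original article: it reads profiles.ini, walks every profile's extensions directory and reports add-on IDs that are not on an approved list. The add-on IDs, profile names and directory layout in the sample are constructed, and add-ons installed in the program directory are not covered.

```python
import configparser
import tempfile
from pathlib import Path

# Constructed allowlist; real add-on IDs come from each add-on's install manifest.
APPROVED = {"approved-addon@example.invalid"}

def list_profiles(app_dir):
    """Return {profile name: profile directory} from profiles.ini."""
    ini = configparser.ConfigParser(interpolation=None)
    ini.optionxform = str  # keep key case (Name, Path, IsRelative)
    ini.read(Path(app_dir) / "profiles.ini", encoding="utf-8")
    profiles = {}
    for section in ini.sections():
        if not section.startswith("Profile"):
            continue
        entry = ini[section]
        path = Path(entry["Path"])
        if entry.get("IsRelative", "1") == "1":
            path = Path(app_dir) / path
        profiles[entry.get("Name", section)] = path
    return profiles

def unapproved_addons(profile_dir, approved=APPROVED):
    """Add-on IDs in <profile>/extensions that are not on the allowlist."""
    ext_dir = Path(profile_dir) / "extensions"
    if not ext_dir.is_dir():
        return []
    # An add-on is either an unpacked directory or a packed <id>.xpi file.
    ids = {p.name[:-4] if p.name.endswith(".xpi") else p.name for p in ext_dir.iterdir()}
    return sorted(ids - set(approved))

def audit(app_dir, approved=APPROVED):
    """Map each profile name to its unapproved add-ons (empty list = clean)."""
    return {name: unapproved_addons(path, approved)
            for name, path in list_profiles(app_dir).items()}

def build_sample(root):
    """Constructed sample: a managed profile and a user-created second one."""
    root = Path(root)
    (root / "profiles.ini").write_text(
        "[General]\nStartWithLastProfile=1\n\n"
        "[Profile0]\nName=default\nIsRelative=1\nPath=Profiles/aaaa.default\n\n"
        "[Profile1]\nName=mine\nIsRelative=1\nPath=Profiles/bbbb.mine\n",
        encoding="utf-8")
    for rel in ("Profiles/aaaa.default/extensions/approved-addon@example.invalid",
                "Profiles/bbbb.mine/extensions/approved-addon@example.invalid",
                "Profiles/bbbb.mine/extensions/other-addon@example.invalid"):
        (root / rel).mkdir(parents=True)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit(build_sample(tmp)))
```

A profile name in the result that the administrator did not deploy is itself a sign that a new profile was created.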

Prevent a user from exporting an address book

You could disable the menu commands using the Menu Editor, block all ports and devices on the PC, and add some rules to the mail server blocking certain types of attachments from being sent, but that doesn't prevent a user from renaming abook.mab and sending it as an attachment. They could also use a utility such as Dawn to convert the .mab file to another format or use an extension such as MoreFunctionsForAnAddressBook to add another way to export the address book. [6]

Prevent a user from creating an account

You could disable the menu commands using the Menu Editor, but that is easy to work around. They could create the account in another e-mail client and then import it. It's also possible for somebody to add an account by editing prefs.js with a text editor if they're willing to spend the time learning the syntax. The best solution would be to block access to specific POP and IMAP servers using the firewall. [7]

Prevent a user from reading somebody else's e-mail

See Protecting the contents of the profile [8]

Prevent a user from storing their e-mail on the hard disk

As long as there is sufficient disk space that they can write to, there is no practical way to prevent that, since they can always move the profile or reconfigure it to store the mail elsewhere, outside of the profile. The best solution would be to use an IMAP account, delete the Local Folders account, and find some way to discourage use of offline folders. [9]

Prevent a user from deleting messages

Usually this is only an issue when multiple users share a mailbox. Use a public (shared) IMAP account that is managed by somebody else, such as a manager. Give only the manager an ACL that lets them delete messages. [10]

Prevent a user from changing the settings

Firefox supports a mozilla.cfg file that contains encoded JavaScript commands that you can use to lock settings. Thunderbird doesn't have an equivalent file. The best you can do is create an optional user.js file. It gets loaded after prefs.js so that it can override any edits to prefs.js or any changes made via the Config Editor. However, a user could either edit or delete the user.js file, or create a new profile.
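
Since user.js can be edited or deleted, and accounts can be added by editing prefs.js (see "Prevent a user from creating an account" above), a periodic check of both files tells an administrator when a profile has drifted. The following is an added example, not code from the original article: it parses user_pref() lines, reports managed settings that are no longer enforced, and lists incoming mail servers whose hostname is not approved. The hostnames, the allowlist and the choice of managed pref are constructed sample data.

```python
import re

# One line of prefs.js / user.js: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')
HOST_RE = re.compile(r"mail\.server\.(server\d+)\.hostname")

def parse_prefs(text):
    """Return {pref name: raw value text} for every user_pref() line."""
    matches = (PREF_RE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in matches if m}

def user_js_drift(managed_user_js, profile_user_js, prefs_js):
    """Compare the managed user.js with what is actually in a profile.

    unenforced: pref missing from, or altered in, the profile's user.js
                (pass "" when user.js has been deleted).
    overridden: prefs.js holds a different value right now; user.js
                resets it at the next start only if it is still enforced.
    """
    managed = parse_prefs(managed_user_js)
    deployed = parse_prefs(profile_user_js)
    current = parse_prefs(prefs_js)
    return {
        "unenforced": sorted(k for k, v in managed.items() if deployed.get(k) != v),
        "overridden": sorted(k for k, v in managed.items()
                             if k in current and current[k] != v),
    }

def unapproved_servers(prefs_js, allowed_hosts):
    """Return {serverN: hostname} for mail servers not on the allowlist."""
    found = {}
    for name, value in parse_prefs(prefs_js).items():
        m = HOST_RE.fullmatch(name)
        host = value.strip('"').lower()
        if m and host not in allowed_hosts:
            found[m.group(1)] = host
    return found

# Constructed sample data (hostnames and pref choices are illustrative).
MANAGED_USER_JS = 'user_pref("app.update.enabled", false);\n'
SAMPLE_PREFS_JS = """\
user_pref("app.update.enabled", true);
user_pref("mail.server.server1.hostname", "imap.corp.example");
user_pref("mail.server.server2.hostname", "Local Folders");
user_pref("mail.server.server3.hostname", "pop.webmail.example");
"""
ALLOWED_HOSTS = {"imap.corp.example", "local folders"}

if __name__ == "__main__":
    print(user_js_drift(MANAGED_USER_JS, "", SAMPLE_PREFS_JS))
    print(unapproved_servers(SAMPLE_PREFS_JS, ALLOWED_HOSTS))
```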

Prevent a user from printing a message

If you trash the printer settings (such as print_printer) and/or hide the print menu commands, they could copy and paste the message into a word processor, or save the message as an HTML file and print it using another application. They could save an attachment as a file and print it using another application.

Prevent multiple users from using a shared mailbox at the same time

Problems occur if multiple users use the same mailbox and profile. The best way to minimize any problems is to use an IMAP account with separate profiles. [11]
