Email items yet to be implemented are on the near term road map as "Phase 5", expected to be available/resolved by 1Q2026 (subject to change). These are listed in this phase 5 bug query and as a shorter, more easily understood list at the Exchange KB article.

Calendar and address book via EWS are currently in development and will follow at a later date. Also in the future is Exchange via Graph API, so please do not file bug reports for these items at this time.

To stay informed about progress you might watch:

• The blogs posted with the exchange tag https://blog.thunderbird.net/tag/exchange/, or subscribe to the RSS feed https://blog.thunderbird.net/feed/.
• The topicbox beta group or enterprise group.

Open bug reports

Open bug reports:

• The Exchange meta bug 1847846 tracks most related bug reports.
  • Click "Dependency tree" to see a list of bugs.
  • If you create a bugzilla account, you can click "Follow" at the top of a bug report to be notified by email of changes to the bug, plus state changes of all dependent bugs (an example state change is "fixed").
• Alternatively, lists https://mzl.la/4qtcSPI and https://mzl.la/43C0xyF (which excludes phase 5) for up to the second accuracy, which do not depend being marked as blocking bug 1847846. Also excluded in these lists are internal tests which do not affect users.

We welcome your testing and feedback, and reporting of unexpected behavior or errors.

Only email for exchange is available at this time.

To report a problem when using beta or release, version 145 and newer, please file a bug report.

Please use topicbox to discuss or ask questions about Exchange, either the beta group or the enterprise group.

Items to test

Account Setup and Configuration

• Configure an EWS account in Thunderbird
• Authenticate using username and password
• Use the Account Hub to register EWS accounts
• Optionally disable Account Hub in settings for legacy account setup

Email Synchronization

• Synchronize inbox and subfolders
• Automatically sync new emails

Folder Management

• Create, rename, and delete folders
• Synchronize folders and subfolders
• Move and copy emails between folders

Email Handling

• Send, receive, reply to, and forward emails
• Attach files and inline images
• Mark emails with tags
• Delete emails and confirm proper synchronization

Additional Features

• Search emails (test both subject and body)
• Use "Save as Search", Quick Filter, and sort options
• Check folder properties (e.g. retention settings)
• Confirm message sync behaviors

Filter Creation and Management

• Create filters based on sender, body, recipient, subject, size, date, etc
• Define actions such as move or copy
• Apply filters automatically on incoming mail
• Run filters manually on selected folders
• Edit, disable, delete filters and view filter logs

Microsoft EWS is a legacy SOAP-based API for accessing Exchange data, while Microsoft Graph API is a modern, RESTful API for accessing a wide range of Office365 services, including Exchange data.

The EWS API is being partly retired by Microsoft in favor of Graph API. However, there is still a whole year before this API gets retired, and this only impacts domains hosted on Microsoft's Office365 cloud. On-premise instances of EWS are not subject to this retirement deadline.

Today, Thunderbird supports EWS. Graph API will be supported in the future.

“Microsoft hosted” refers to a scenario where an organization uses the cloud-based exchange server provided by Microsoft, using domains which resolve to the Microsoft cloud infrastructure (Office365). This includes using a custom domain which isn't owned by Microsoft but resolves to their cloud platform. These configurations typically require users to authenticate using OAuth2 via login.microsoftonline.com.

“Self hosted” refers to a scenario where an organization (like a school or a company) provides their users with an Exchange mail server that is hosted on their servers, with their domain.

If the organization allows basic password authentication for their self-hosted instance, their users will be able to use Thunderbird’s new EWS support. NTLM support for Exchange accounts is not available yet in Thunderbird, but should be introduced soon.

If the organization enforces OAuth2 authentication and has basic password authentication disabled, additional steps are required. This is not yet supported, largely due to limitations in the OAuth2 authentication mechanism within Thunderbird.

Why?

When an email client like Thunderbird wants to use a domain to perform an OAuth handshake, two things typically need to happen first:

1. The mail server has to be configured by an administrator to explicitly allow Thunderbird, and credentials need to be generated that can be used by Thunderbird to connect to that system.
2. Thunderbird has to be made aware of the credentials.

An example of this can be seen in the handshake details between login.microsoftonline.com in the OAuth2Providers.sys.mjs file of the Thunderbird codebase. Note that the OAuth2Providers.sys.mjs file is currently the only place within Thunderbird where domains are enabled for OAuth2 authentication.

Microsoft hosted scenario - most common

Thunderbird supports authenticating against Microsoft's authentication portal (login.microsoftonline.com), via pre-configured OAuth2 application credentials. So if a user’s organization uses it, and doesn't require tenant-specific identifiers (see below), we have the required handshake credentials (for login.microsoftonline.com) already in Thunderbird and so they will be able to register and use their Exchange email in Thunderbird.

Note that outlook.com and hotmail.com only support IMAP, and EWS should be available for most office365.com accounts.

Microsoft hosted with tenant-specific instance - less common

TLDR - This is not yet supported.

Some organizations and institutions have customized their security settings for their enterprise such that their users need to authenticate with different credentials than the ones typically used by Thunderbird for Microsoft.

This is not yet supported, due to OAuth2 limitations and we are planning to improve our OAuth2 mechanism to allow this in the near future.

Self hosted scenario - less common

TLDR - self hosted (aka on-premise) works with password/basic auth, but NTLM and OAuth are not yet supported.

You can tell from this OAuth2Providers.sys.mjs file that there are no domains correlating to self hosted mail servers, meaning Thunderbird won’t know anything about an Exchange server hosted within non-cloud infrastructure so won’t be able to complete an OAuth handshake with this server.

To ease this painful situation of a self hosted server being usable in Thunderbird, Thunderbird can consume these handshake details via an add-on. So now it’s possible for a mail server administrator to create a customized (to their server) add-on that provides the OAuth handshake details of their server which their users can install, or that can be rolled out to users via enterprise policy.