During the last few weeks we get more and more alerts from our beta tester regarding the Thunderbird e-mail client. The problems are not OS specific. Some testers described them as "like having a virus in the system that occupies ALL the resources - CPU, memory, disk and network".
Indeed, PerfProtector detected Thunderbird as the source for this problem. Turns out that almost all of its statistics were significantly deviated from the known profiles of Thunderbird behavior.
It looks as someone replaced Thunderbird with another application that has a completely different behavior.
However, this new behavior doesn't look right at all. It dramatically affects the performance of the clients while having many negative side effects. The machines are hogged for hours - the CPU utilization is very high, the memory consumption increases continuously, the hard disk constantly performs many read/write operations and gigs of data are transferred from the network side. And on top of that, it is impossible to use Thunderbird at all - can't read e-mails, can't send e-mails, can't reclaim the inbox...
It sounds like a very aggressive virus/Trojan that took control over the machine and then went completely out of control.
What was common between the infected machines? Thunderbird 3.
Users, which used for years previous versions of Thunderbird, said that once it was upgraded (automatically) to version 3, their machines were stuck for days. Fresh installs of Thunderbird 3 produced the same behavior.
What went wrong from version 2 to 3? How bad it is?
To understand the exact problem we reproduced it in our lab. We set up Linux (Ubuntu) and Windows (XP, Vista and 7) machines and tested them first with Thunderbird 2 (version 18.104.22.168) and then with Thunderbird 3 (versions 3.0 and 3.1.1). On each machine we configured a GMAIL IMAP account with a real mailbox that has about 9,000 e-mails from the last 4 years where the total size of the mailbox was less than 5 GB. This mailbox reflects an activity of about 5 e-mails per day with an average size of about 500KB per e-mail.
Then, the machines were monitored by PerfProtector.
The following graphs compare the behavior of Thunderbird 2 to Thunderbird 3 during the first 48 hours after their fresh installation. In each graph, the blue line represents the behavior of Thunderbird 2 the red line represents the behavior of Thunderbird 3.
While CPU utilization of Thunderbird 2 is usually between 0% to 10% with an average of 0.3%, Thunderbird 3 CPU utilization is between 5% to 80% with an average of 30% - 100 times more than Thunderbird 2. In addition, during long periods of time, Thunderbird 3 used more than 50% of the overall CPU resources. This behavior slows dramatically the whole machine.
Thunderbird 3 memory consumption is twice as Thunderbird 2 consumption.
Read Operations from Hard Disk:
While Thunderbird 2 performs minor read operations from the hard disk, Thunderbird 3 performs thousands of read operations during long periods of time.
Thunderbird 3 reads gigs of data from the hard disk during long periods of time. Thunderbird 2 reads almost none. This behavior affects the response time of the hard disk and the behavior of other applications that read from the hard disk.
Write Operations to Hard Disk:
While Thunderbird 2 performs minor write operations to the hard disk, Thunderbird 3 performs thousands of write operations during long periods of time.
Thunderbird 3 writes gigs of data to the hard disk during long periods of time. Thunderbird 2 writes almost none. Similar to the read behavior, it affects the response time of the hard disk and the behavior of other applications that write to the hard disk. In addition, it occupies gigs of free space from the hard disk.
While Thunderbird 2 performs minor download operations from the Internet, Thunderbird 3 performs thousands of download operations during long periods of time.
Thunderbird 3 downloads gigs of data from the Internet during long periods of time. Thunderbird 2 downloads almost none. This behavior affects the response time of the Internet connection. It hogs the connection and slows dramatically the Internet activities. In case your Internet is paid according to the bandwidth that you use, your bill will increase significantly.
We can see that Thunderbird 3 has a completely different behavior than Thunderbird 2. While Thunderbird 2 behaves like a normal balanced application, Thunderbird 3 has a sure anomalous behavior - its deviations from normal behavior are crystal clear. Thunderbird 3 reclaimed the CPU, reclaimed the memory, reclaimed the hard disk and reclaimed the network.
What is the source of these problems?
These problems are due to a combination of two features:
- The first feature is the Global Search and Indexer. This feature is new in Thunderbird 3. It enables fast search of e-mails in the mailbox. However, Thunderbird has first to index all the e-mails and this process is time and resource consuming. It took Thunderbird 3 days to index our mailbox. During this time, its CPU utilization was between 5% to 80%, its memory consumption was between 100 to 150MB and it made thousands of read operations from the hard disk. In addition, even after the indexing was completed, we still noticed that Thunderbird 3 continue to index and re-index from time to time thus consuming more resources from the machine. Moreover, according to Thunderbird's official site, "if you enable Global Search/Indexing it normally uses about 3.5 KB per message in the SQLite database". So our 9,000 e-mails database should theoretically consume about 30MB. However, in reality it consumed 150MB and it keeps growing and growing.
The worrisome thing about this new feature is that it is turned on by default. It happens either when you migrate from Thunderbird 2 to 3 or when you install Thunderbird 3 from scratch. This feature has a huge impact on the behavior of the client: for at least couple of days, the machine is hogged from all directions and the user is helpless. A typical user can't understand what is going wrong with his machine and why he can't do even simple tasks. A new feature, which has this major side effect, shouldn't be turned on by default. It's completely wrong. Users around the world spent hours and days on finding the source of this problem. They conclude that it's due to this new feature in Thunderbird 3. The funny thing is that we didn't find any significant difference between searching with or without indexing . It seems that for a typical user, this feature is not needed.
- The second feature is the Message Synchronization of IMAP accounts. Thunderbird synchronizes the IMAP folders and saves the messages locally on the hard disk of the machine. It means that all your IMAP accounts reside on the machine hard disk. This feature was already in Thunderbird 2 but its default was turned off. In Thunderbird 3, its default was changed to be on. In addition, if Thunderbird 2 was migrated to Thunderbird 3, this feature was turned on automatically, even if it wasn't turned on in your Thunderbird 2 settings! This feature has a huge impact on the computer resources since it downloads all your e-mail messages and stores them on the hard disk of the machine. It means that it uses your Internet connection to download gigs of data and uses your hard disk to store them. It took Thunderbird 3 days to synchronize our mailbox and during this time it hogged our Internet connection by downloading our entire mailbox while making thousands of write operations to the hard disk. Since Gmail maps messages to labels, multiple copies of the same message are held when synchronization is enabled, thus increasing the occupied disk space. As a consequence, our 5GB online mailbox increased to 40GB of data that were downloaded from the Internet and were stored on our hard disk without getting any warning alert from Thunderbird!
This feature may be useful to many users but since it affects dramatically the resources of the machine, it shouldn't be turned on by default. Some of our machines, which have "only" 30GB of free space, were stuck during the synchronization operation. Thunderbird used the whole disk space and not even a single sector was left free.
How to solve these problem using PerfProtector?
The solution is very simple. In the main dashboard of PerfProtector, right-click on the Thunderbird alert and choose either "Disable Global Search and Indexer Functionality" to disable the global search or the "Disable Message Synchronization Functionality" to disable message synchronization.
How to solve these problems manually?
To disable the Global Search and Indexer functionality:
- Open the options window. On Windows, click Tools-> Options. On Linux, click Edit-> Preferences.
- Click on Advanced -> General -> Advanced Configuration.
- Uncheck the Enable Global Search and Indexer checkbox.
To disable the Message Synchronization functionality:
- Open the accounts settings window. On Windows, click Tools-> Account Settings. On Linux, click Edit-> Account Settings.
- For each IMAP account that is configured in your Thunderbird, choose Synchronization & Storage and under Message Synchronization uncheck the Keep Messages For This Account On This Computer checkbox.