Hi,
I was finally forced to upgrade to the free edition of avast! 5 and now I am not longer able to connect to my ISP and check my email with a utility called PopTray and avast! says I have to turn off the email security I have in SeaMonkey. Needless to say I don’t want to do the latter and don’t see that as an option with the former, so I need to find another AV. Any suggestions?
TIA
Ed
You are turning off SSL so that a) avast can scan the email content and b) avast handles the SSL connection, so you are still using a secure connection.
Thanks for the reply David.
I just tried Avast!'s SSL, TLS and None settings for my ISP and PopTray still won’t connect to my ISP’s mail server.
With SeaMonkey I probably have 8 or 9 email connections, 1 for my ISP and the others for webmail services. I had no problems with any of these services or email clients with Avast! 4 and I really don’t want to spend a day tinkering with an AV product to get it to work with my email systems which all worked fine and securely with your prior release.
It isn’t the avast SSL settings that need to be disabled but those in your email client and allow avast to handle the SSL connection.
The webmail ones shouldn’t be scanned if they are truly webmail. However that said using PopTray, my guess is that this is importing them as standard POP3 protocol ?
I don’t use poptray, so I don’t know how it functions.
So only the ISP email account in your email client (if it uses SSL) should have that switched off.
Dave, here’s an image of PopTray’s setting for my ISP, do you see a security setting I can change?
Surely your email client account settings rather than poptray would be the ones causing the issue (as the email program although greyed out says to use the default program), as I suspect that poptray may well not be even scanned ?
If you removed the ISP account from poptray extension do the others (webmail accounts) get downloaded ?
I don’t use an email client on this machine. To respond to emails that I view in PopTray I use IE and access the account via webmail.
With Avast! 4 PopTray would scan my ISP for new email every 5 mins and alert me if there was anything new, I could then review the email with PopTray’s text viewer. With Avast! 5 I can no longer do that unless I Disable all Shields for 10 mins.
PopTray is a free app if you want to see what I am experiencing. www.poptray.org
That link gives very limited info, I’m still not completely sure exactly how this works. Crucially if it actually downloads the complete email into an inbox, etc. or if it is just designed to notify if you have email and you download using your email client.
I know it accesses your email accounts and it sounds similar to my anti-spam, MailWasher Pro (MWP), though that doesn’t notify if mail is present. It connects to the servers and downloads a small part of the email in text format into MWP to identify it as spam, etc. It will then delete from the server and you download the remainder normally with the email client.
I have excluded my mailwasher pro, based on the low risk of only grabbing a small text part of the email (no attachments); to me it sounds like you could do the same for poptray, though you would have to accept any risk involved in doing that, see ~~~~ below.
None of the above makes any difference if you download email using seamonkey and any of that is SSL, that would have to be dropped as mentioned.
If there are no SSL accounts I would suggest deleting all the accounts in the SSL Accounts of the avast Mail Shield, Expert Settings (especially if you going to use the ignore process I mentioned) and restart the Mail Shield or reboot. That would recreat any accounts, based on what is in seamonkey and not it and poptray.
- Note avast's Mail Shield would scan the email traffic to poptray:
- Personally I have avast IgnoreProcess for mailwasher.exe. Since MailWasher doesn't download the complete email to do its analysis, it only downloads the headers, a small part of the body, it doesn't download images or attachments and it views what is downloaded in text only. Based on this I personally don't feel that any negligible risk worth scanning duplication, but the choice is yours.
By editing the EmailShield.ini file, [MailScanner] section using notepad. C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\EmailShield.ini
[MailScanner]
IgnoreProcess=PopTray.exe (or whatever the executable file name is) add this line if you don't already have an IgnoreProcess line.
Save the changes to EmailShield.ini and exit, the avast self-defence module will ask are you sure about the changes, etc. answer Yes.
The above file location is for XP so you might need to find it on Vista, etc.Two different machines, two different ways I access email.
Notebook: PopTray and IE/webmail
Desktop: PopTray and Seamonkey
At this point I’m mainly concerned about the notebook.
PopTray checks the server for new emails and allows me to Preview my ISP emails. See the 2 attached images for a better explanation.
Well IE/Webmail isn’t covered by the Mail Shield but by the Web Shield; assuming you use the optout process for poptray (and remove the entries in the mailshield expert settings) as suggested, then the mail shield wouldn’t feature.
I’m sorry I’m not sure what you mean.
However 15 mins after I last disabled the avast! shields control for 10 mins I was surprised to hear that I had new mail!! I don’t know why or how but it is now working. I rebooted and it is still working so it’s not a fluke.
I do have my ISP’s pop3 server added to avast!'s SSL Acounts page with encryption set to None so that has to be it. I honestly don’t understand the overall security impact but I’m kinda happy at this point.
I will work on the desktop machine with SeaMonkey later this week.
Thanks for all your help Dave.
Read my Reply #7 above as that is where I have explained how to effectively exclude poptray content from being scanned (optout)
The overall security impact is no different as you currently don’t appear to be using SSL for your ISP email account.