FIRST - I have now checked four and a half days of emails received on my two email accounts (one SSL @verizon.net and one NOT SSL @[wife’s company name.com via Network Solutions]. My incoming email app is Outlook Express 6, and my PC is a Dell with WinXPPro SP3 and plenty of RAM.
All are now being checked by Avast. When I started this thread, four incoming emails on Tuesday, March 12, from 9:32pm to 10:09pm EDT were NOT checked by Avast. (Their “Properties - Details” LACK the lines
X-Antivirus: avast! (VPS 130314-2, 03/14/2013), Inbound message
X-Antivirus-Status: Clean
that I now find on my other incoming emails.)
So, it looks better. But why did four NOT get checked?
SECOND - Avast has blessed a BAD incoming email. Troubling.
On Thursday, March 14, 2013 8:50 AM EDT, I received a fake email on my SSL verizon.net email account saying it was from Experian with the legend “A Key Change Has Been Posted to One of Your Credit Reports” and a zip attachment. It was an obvious ambush from bad guys (which I have just confirmed with Experian tech support), and I forwarded it to spamdetector.notcaught@verizon.net. However, this bad email HAS the two lines
X-Antivirus: avast! (VPS 130313-1, 03/13/2013), Inbound message
X-Antivirus-Status: Clean
WHY DID AVAST BLESS THIS EMAIL?
I’m sorry. The AntiSpam module is only in AIS and Avast Premier. However, Thunderbird, Pegasus Mail and several other email clients do have built-in antispam capabilities. I use Pegasus Mail, and it’s SpamHalter does a fine job for me. SpamHalter use Bayesian logic, so the user has to train it at least at first. I get very little spam since dumping my old MyRealBox account, so SpamHalter’s training is likely stale by now.
If your SSL emails are not being scanned after following the “official” instructions that came with Avast 8, I suggest that you check Avast’s emailshield.ini settings. emailshield.ini can be found at something like C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\EmailShield.ini (XP location) or C:\ProgramData\AVAST Software\Avast\EmailShield.ini (Vista, Win7). Note these folders may be hidden. If you have updated to Avast8 from earlier versions the details of the folder names may vary slightly - e.g. C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\EmailShield.ini
Under the [EmailScanner] section, there should be: ScanSSL=1
If this parameter is not there (or set to 0), you can try changing this to 1, as above. Then save the changes, the avast! Self-Defence Module will ask for confirmation, answer Yes.
You will then need to reboot to get the changes to be picked up by Avast.
eBatch: Thanks. But, as I noted above, after the brief period of NON-scanning, Avast seems to be scanning my SSL emails. My incoming emails now have the following in Properties:
X-Antivirus: avast! (VPS 130323-1, 03/23/2013), Inbound message
X-Antivirus-Status: Clean
I do not know why four were not scanned, and I deleted the phish from fake Experian.
There is no need to go through that hassle, all it is saying it Scan SSL or Don’t scan SSL emails and that option it there in the interface - avastUI, Mail Shield, Settings, SSL Scanning - Scan SSL connections. Check or Uncheck that option toggles that emailshield.ini between 1 and 0 on/off.
The whole point of my suggestion is in case using the avastUI doesn’t take effect in the emailshield.ini file (as has happened to me on at least one occasion). Bods can therefore “manually” enforce the necessary change to see if that makes any difference.
After looking around the web for answers to this problem, none of them helped.
The solution I did find, however, seemed to solve my problem perfectly well.
My problem: hotmail/live e-mail accounts were unable to connect to pop3.live.com (i.e. you could see in Thunderbird status bar “Connected to pop3.live.com” but, nothing would actually happen).
To solve this problem, I took the following steps…
Right click on the e-mail address in the left-most addresses/accounts pane that’s having issues.
Click “Settings”
Click on “Security” for the security sub-section of settings for this account
Click “View Certificates”
Click on the “Others” tab
You should see an avast! certificate there for the particular pop3 mailserver.
Delete it.
Close Thunderbird completely
Open avast!
Click on the “Security” tab
Click on the “Mail Shield” icon
Click “Settings” (next to Stop)
Go to “SSL Scanning” in the navigation menu
Uncheck “Scan SSL connections”
Click “OK”
Click “Settings” again (next to Stop)
Go to “SSL Scanning” in the navigation menu
Check “Scan SSL connections”
Click “OK”
You should get a warning you’ll need to restart your e-mail client. If you haven’t already closed it, restart it now.
When Thunderbird attempts to retrieve your e-mails, you should get warnings about certificates. Accept them all (make sure permanently). These are just avast! generated, you can check by clicking “View” and you will see the publisher/creator is avast! Mail Scanner.
Enjoy your e-mail (hopefully)
By deleting the certification, and what seems to force avast! to re-generate their SSL certificates, it should now be working fine and scanning your e-mails downloaded over SSL.
IMPORTANT: There is a lot of misinformation about removing ports from the Redirect Settings in the Troubleshooting section. Do not do this. If you have done this, replace them with the following:
HTTP port(s): 80,8080,8091,8081,8008,8888,3124,3127,3128
Check “Ignore local communication”
SMTP port(s): 25,587
POP port(s): 110
IMAP port(s): 143
NNTP port(s): 119
Check “Ignore local communication”
Hope this helps someone. If it does, please post and let others know.
Here is a workaround that worked for me with Seamonkey (and might work also with the rest of the Mozilla-family):
Check that “SSL on” is activated in the avast settings menu. I did add the respective used ports, but don’t know whether that is necessary, it didn’t harm the results, though.
For outgoing mail: Make sure that old certificates for Avast in your e-mail program are deleted; compose and send an e-mail to your own address, then (only!) you will get the prompt for an “exception to a certificate” - this prompt may be hidden underneath other windows, don’t close them, just minimize! Save the certificate, and note the valid time - some were only to 2014, others to 2018; at that point you might have to repeat the procedure again.
For incoming mail: Just check for new mails, you will also get the “exception to certificate”, check and save as above.
Repeat this for every other possible account.
This procedure was easier on Avast7, and the upgrade to 8 migrated this settings. After having to reinstall Windows and Software the new installation of Avast8 did not accept the old certificates, that were still stored in the Seamonkey settings; that’s why it is important to delete the old avast certificates, especially when installing avast8 new.
P.S.: I’ve been using avast for 3 years now, and yes: the layout of the 7 Version I liked better, too!
P.P.S.: I did not go into details about the certificates, since NJCarlos did that explicitly already in his post above
Since the 6 of july, i’ve stop receiving my emails on several of my accounts. It has gone unnoticed until today because sometimes life just wont let you…
Before reading about the certificates here, i was pulling my hairs trying to solve this problem.
But on my case, the thing to delete was on the Autorities tab and was called “avast! Mail Scanner Root”.
But since i’ve been running several version of both avast and Thunderbird, I’ve deleted all certificates that weren’t “builtin”. There was a lot…
@njcarlos not 100% sure if I followed your procedure exactly as avast did a program update in the middle of following it…but it certainly seemed to do the trick…this should have been sorted by export cert etc but didn’t seem to work andI have been getting help from avast support which didn’t seem to go anywhere - I think they might be advised to put your solution up as a FAQ or sticky
bizarrely I used Avast free for years and only paid in the last year as I felt it was only fair…then suddenly I have my first ever issue! this is not the first time I have had this happen with free vs paid software…it does really seem sometimes with software, that the best things in life are free (linux / thunderbird / firefox / openoffice : to name but a few)
Thank you njcarlos for your help: I was able to solve this problem thank to your steps, which pointed me in the right direction! In my case, there was no certificates in the “Others” tab so:
Remove the avast! certificate from “Authorities” tab.
Close down and restart Thunderbird.
When reading mail from SSL IMAP or POP, Thunderbird will prompt a security exception for each of the mail servers. Just accept them.
Thank you very much for this information. Following these steps after the latest update got my email working with SSL again. I was not getting error messages, but I was not getting my email either. This fixed the problem and allows me to continue using SSL. The only solution I had before was to not use SSL.