avast! and Mozilla Thunderbird question

Hello. I’ve just installed Thunderbird and have set up my account. Avast has given me the warning popup that Thunderbird uses SSL and avast cannot scan messages with encrypted connections. I would like Avast to protect me, but I don’t want to put myself at risk by removing my connection encryption. Does avast re-encrypt connections or keep me protected with its own SSL/TLS protocols?

Thanks,
Mike

Avast handles the SSL process - see https://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=842. Whilst this is an old article and mentions avast6 it is relevant for avast7 also.

Ok, I followed that, and when I opened the Mail Shield settings, there is already an entry there. The email that I use is an AOL email, but the port 993 does not match the port in my mail client. Does this matter?

http://screenshooter.net/data/uploads/ht/gy/cqum.jpg

I’m not familiar with AOL Mail, but avast’s Mail Shield should auto detect the email account and the correct secure port to use (if required).

Provided you have followed the instructions in the link I gave for your email programs account settings, avast should handle the rest.

If you have - Then the main thing nor is does it work ?

OP: FWIW, I too recently saw something that seems consistent with what you are describing. Namely, that while testing a Thunderbird<->Server secure connection first (prior to bringing MailShield into the picture) avast 6 created its own MailShield rules which were also wrong (port at least, maybe more can’t remember). I don’t know why this is, but I think it should be preventable.

One thing you too would be aware of is that Thunderbird tries to get fancy and help noobs automatically configure their server settings. IIRC, it does this via several steps (check for local configuration file, then check remote server passing to it the email address, then check Mozilla site passing to it the email server domain name, then try some logical guesses). This of course can result in information leaks to parties that shouldn’t see such information and it can also result in undesirable if not flat out wrong settings.

I mention this because after I saw the avast behavior I began to wonder if avast was trying to get creative too. I didn’t go back and check for that, but if you are so inclined you could.

Well, avast! is scanning my emails as they come in. It just seems strange that it is using a different port than what the mail client is using. I thought they had to be the same for it to work, but I guess not.

Some servers do support the same secured protocol on multiple ports (and/or hostnames for example). Question is, HOW is avast scanning your email if your email client is establishing a secure connection with the email server (edit: or did you stop doing that?)? Thoughts:

  1. You don’t have Thunderbird configured to establish secure connection(s) with your email server(s). It is fetching over unsecured connection which MailShield is intercepting and converting to a secure connection on a port that just happens to work.
  2. You do have Thunderbird configured for secure connections but they aren’t secured against an avast MailShield man-in-the-middle (and Thunderbird didn’t alert you and ask you to approve). Which would surprise me because Thunderbird alerted me to certificate issues avast MailShield didn’t.
  3. Avast is using another means (email client and/or OS API) to scan email and the MailShield entry is not having any affect

I went ahead and turned off SSL/TLS on Thunderbird and allowed avast to scan my emails. So as long as avast will re-encrypt my connection itself, then I am happy.

Not sure if my problem is Avast! related but here goes. I consider AVAST my last ditch effort before scrubbing my hard drive and starting over.
Problem: email starts loading, mail client “sees” mail on webserver (centurytel.net), it loads the first email and receives in bytes/min instead of kb/second and never finishes because the server times out. I even extended my time to max and still doesn’t finish.

I have copies of MS Office 2003 with outlook, same problem, also 2007 with Outlook Express, and 2010 with outlook express. same problem except the MS products crash and have to user the end program. I tried Thunderbird, it has same problem but doesn’t lock up. You just shut down normally.

I have worked with Internet Provider and password and other settings are correct - verified multiple times.

When I removed each of the programs, no problems arose with deletion of files.

Now get this. I had a spare drive - reformatted, installed XP and went through the ten years of updates, installed MS 2003, configured outlook and it works!!!

Everything worked on the other drive since my upgrade of MS office/Outlook 2010 until about the time we had a large update to AVAST! - I have the current version of AVAST! installed.

I have used products to clean registry - cleanup, etc.

My layman’s logic now says I have an XP problem or some conflict with other programs. No error messages except the Outlook frozen message with the end program doesn’t work. I assume that this is because all the mail clients I tried are trying to load that first email that never completes.

Any advice before I have to go through the pain and suffering of a reformat. I have LOTS of programs installed that will likely take a weekend to do this again.

Thanks for any hellp