Hi !

I use avast! 4.6 home and also The Bat! as my default e-mail client. As we know avast! has a special plugin for The Bat!. So I activated this plugin in my Bat configuration settings.
I have two questions:
1.
I checked an option:

On-access Protection Control->Internet Mail->SMTP->Insert note into clean message

I tried to send a few messages using The Bat! with my gmail account but no avast! message was attached to them. What’s wrong ?

I also checked an option:

On-access Protection Control->Internet Mail->Advanced->Show detailed info on performed action

I also cannot see any avast! announcement window when sending or receiving mail messages. I can see that avast! tray icon is moving around but no info appears
When I check the same option in Standard Shield I can see all avast! announcements. But of course there are too many such scanners messages so I don’t use this option when working with my computer. I just wanted to see scanners messages while sending and receiving mails.

Gmail accounts uses an SSL encrypted connection for the POP3 download and that cannot be intercepted by avast (because it is encrypted). The Bat plugin allows avast to scan the messages being downloaded.

For non-users of The Bat (or MS Outlook) this mail cannot be scanned by avast without the involvement of third party software.

Gmail uses a transmission method and port for its upload that is also not supported by avast, so avast will not intercept, scan or add clean messages for outgoing Gmail.

Now I see.
Thank you alanrf for your competent reply !

Take a look here: http://forum.avast.com/index.php?topic=10428.0 to see how to set up secure email with avast!.
Stunnel now comes as an installer which installs Open SSL and Stunnel so now you just have to download the installer version from here http://www.stunnel.org/download/binaries.html

Well, I have them… clean notes and headers
avast! Professional: Outbound clean 0547-5, 26/11/2005.
avast! Professional: Inbound clean 0547-5, 26/11/2005.
X-Antivirus: avast! (VPS 0547-5, 26/11/2005), Inbound message
X-Antivirus-Status: Clean

Well, what a great news !
So as I understood reading this linked topic I have to install STUNNEL, change SMTP port for GMail and modify avast.ini file. Am I right ?

My apologies for misinforming you on the SMTP side Prozac.

Seems that STunnel is a two way connection allowing your mail client to send standard SMTP mail (that can be scanned and have clean notes inserted by avast) before it is passed to STunnel to run the secure connection outbound to Gmail.

Thanks for the correction Tech, you made me rethink a bit the post on Thunderbird and its new feature (by jj44) so I just added an afterthought to that.

You really don’t have to.
I’m glad there is one solution but I’m afraid I’m not able to configure it properly :-
The guide that Tech mentioned about was written on: 18 January. Now Stunnel has an installer and creates a config file during installation. Also do I have to run this Stunnel every time ?
I tried to configure The Bat!, I have changed the entries in avast.ini file but when I try to send a message I get an error. Something is wrong. I had to set something wrong. I’d be very thankful for a short guide how to use this Stunnel and how to configure smtp and pop settings for my gmail account.
There is also one think I don’t understand.
When avast! plugin for The Bat! is active then every incoming message is saved to a special temp directory and then avast! scans a new created temporary file. It is useful when we use non-standard smtp ports like SSL ports. But when we use Stunnel then our ports are redirected to a standard ones so avast! is able to scan every message. Is the plugin unnecessary in such case ? It would be really nice if someone could explain to me how it works.

Prozac,

I do not use STunnel myself (I haven’t set it up to test with my Gmail) but I am familiar with similar programs and I am pretty sure I know how it works. Others, far my knowledgeable than me, will step in and give you the finer details.

avast works for POP3 and SMTP by being able to intercept the well known ports that almost all mail clients use to receive POP3 and send SMTP.

As we discussed before avast cannot read the message streams if they are encrypted and the encrypted services usually different ports from the ones avast is looking at.

So what is happening with STunnel?

Let’s consider the regular POP3/SMTP case for regular non-encrypted accounts.

When your mail client tries to contact your POP3 mail server the connection is intercepted by avast which fools your mail client into thinking avast is the mail server. avast then really contacts your mail server so avast is now sitting between your mail client and the mail server. avast gets to see all the mail flow between your mail client and your mail server.

So, Your mail client > avast > Your mail server > avast > Your mail client

This way avast gets to read all the messages going from your mail server before they reach your mail client to make sure they are free from infection.

The picture is very similar for sending mail via SMTP:

Your mail client > avast > Your SMTP server > avast > Your mail client

and in this case avast gets to scan your mail going out before it is delivered to your SMTP server.

As we have said, avast cannot handle the encrypted connections so for that we introduce STunnel which can. So in this picture your mail client needs to work unencrypted with avast still but instead of avast connecting to your mail server it must be told to connect to STunnel which handles the encrypted connection from your system to the mail server.

So now the POP3 picture is:

Your mail client > avast > Stunnel > Your mail server > STunnel > avast > Your mail client

and on the SMTP mail sending side:

Your mail client > avast > Stunnel > Your SMTP server > STunnel > avast > Your mail client

This way avast is still able to scan the POP3 and SMTP mail streams and to add the “scanned” message text if that is selected.

To the best of my knowledge, in this setup you would not use The Bat plugin since scanning is achieved via a different route.

It is probably clear from the above descriptions that you must have STunnel running on your system whenever you want to connect to Gmail.

I’m sure that it is included in the instructions you have been given but you will need to ensure that in the Internet Mail provider > Customize > Redirect Tab > make sure the “Ignore local communication” is unchecked.

I hope that this has been a little help.

Hi !
Really nice discussion. Thank you alanrf for all explanations. They are very helpful. So as I can see we have to do a lot if we want to get an effect. Install and run one additional application, redirect ports in avast! settings, reconfigure e-mail client. Just to be able to attach one little message. Of course it depends if we really need it or not. I don’t think it is so necessary for me. I just was interested why I don’t see any scanning messages when receiving and/or sending messages. Now I know.
But lets talk about this Bat’s plugin.
I want to understand the idea of this plugin and its usage.
Lets say that we have a standard non-encrypted account. Then avast! is able to scan all messages and also is able to attach a special report messages when we activate this function in avast! settings. Well, now we open The Bat! settings and activate this anti-virus plugin. What does it change ? Now avast! is not scanning the messages when they are going to or coming from a server. Now every message is saved as a temporary file in a TEMP Windows directory and such temporary file is scanned by avast!. So as I understand it well when this plugin is active avast! is not able to attach its report to the messages. So there is no reason to use this plugin when we have such non-SSL account. This is only helpful when we use a special ports. Am I right ?