There is an email operation showing in the Avast SSL scan box that I can’t find and have not set this account up in my OutLook 2007.
For the name it only shows 74.208.122.36
WhoIs says it is an email server for graffiti.net, supposedly a GoDady.com spin.
I cannot figure a way to toss this thing out. I delete it from the SSL box but it comes right back. It does not show up in my Outlook accounts.
Anybody got some intell on this strange IP and how it is sneaking in/out on my email? >:(
Well I have two such entry in my SSL Accounts, for Yahoo.com and I don’t have any Yahoo email accounts. But I do have a BT Internet (my ISP) email account and their email is handled by Yahoo’s email servers and avast is clever enough to recognise that and create the entry for them. There are no corresponding BT Internet entries as it isn’t actually going to BT Internet email servers.
Now I don’t know if that is the case for you (likely) and why it keeps getting recreated. My only concern is why it is shown as an IP address and not a domain name, but that’s onle me not liking obscure things.
So do you have a missing account in your SSL Accounts like I do for my BT Internet email account ?
Well, it’s difficult to check. I can’t find anything related to that IP and all my accounts are nailed down. I’m still checking for a clue here.
Okay, this has really peaked my interest. I finally got the entry to delete long enough to try all my Outlook acounts and none of them brought the IP back to the Avast SSL box. Then I restarted and opened Outlook did a “send/receive all” and it is back again. It is as though there is a hidden account in Outlook.
Is there a way to block this IP in Avast? That way it should bring up some sort of nag screen when I open Outlook.
It seems very cumbersome that a program as vast as Avast cannot trace this ip to an account origination.
You won’t see it in your email program accounts, I don’t see any reference to Yahoo in mine, but that is where my email for BT Internet are handled. You would have to check with your ISP or email service to see if it is in fact being handled by that IP/domain.
Avast just doesn’t magically create an account it can see where it is actually going. The only other possibility would be if you have a hidden/undetected spambot on your system and I rather doubt that as avast would hopefully detect the multiple emails being sent in a period of time and your firewall would/should also prevent unauthorised outbound connections (entirely depends on your firewall having outbound protection).
I asked you if there was a missing account in the SSL Accounts as there is in mine, you didn’t answer. If all the other accounts are present, then what is missing is the one that is using a different email server to handle the account.
I did go through all accounts and they are accounted for including newsreader. POP3 and SMTP and NNTP then there is the strange IP labeled as POP3. Win 7 firewall is in place and working, blocks all connections to programs not on list.
I’ll nail it eventually, I don’t have much time to play with right now. Been a while since I’ve sniffed packets but if thats what it takes! :o
It may be what is required if all the accounts in your email program are included in the avast SSL Accounts and this IP one is over and above that. Then it could be something that isn’t using your email client to connect, but since it is using the email protocol and port avast would redirect it to scan content.
(The message was deleted by user. Sorry, folks, I had wrongfully posted a reply to another topic here.)
This should be posted in your own topic, this one isn’t related. http://forum.avast.com/index.php?topic=79966.0
Otherwise whoever needs to read it (essexboy) would never find it.
Yes, I had just seen the misplacing. Sorry about that. The original message was 11:12, I re-posted it there at 11:14, then came here to suppress the error, but I see your reply was already here at 11:16… Boy, are you fast! ;D
Yes, the avast forums are generally fast ;D