I’ve followed the various instructions posted throughout the forum describing how to setup avast! to scan all emails send using Thunderbird via a Gmail account. I’ve noticed, however, that I am not entirely able to send email whenever I have the “Ignore local communication” checkbox unchecked on the Redirect tab of the Internet Mail provider configuration wizard. It appears as though my emails are being sent to my Google account (as I can see them in my Sent folder via their webmail client), however, they are never sent to any of the target email addresses. If the “Ignore local communication” checkbox is checked everything works fine. Has anyone else seen this problem or know what I may have done wrong? TIA.
Just to clarify, the reason why unchecking the “Ignore local communication” checkbox is important is because only when it is unchecked will my outgoing emails be scanned by avast!.
The information you have given us is not entirely clear.
How are you sending to your GMail account in Thunderbird? More precisely what is the server name and the port you have assigned to the SMTP entry for your GMail account?
Please advise us also of the operating system you are using.
I can think immediately of two ways to do this:
-
by using the POP3/SMTP services offered by GMail - in which case there is no way avast can scan tne messages since the connection is required to be secured from Thunderbird to the GMail server and cannot be intercepted by avast **.
-
via the Thunderbird WebMail extension for GMail - in which case scanning should be possible with the “Ignore local communication” box unchecked in the Internet Mail scanner.
I have just tested both methods.
Both emails were delivered successfully and my avast logs (I turned on logging for the Internet Mail scanner) show that my outgoing GMail sent via the Thunderbird Gmail extension was scanned by avast.
** You can use a product called STunnel to allow avast to scan Gmail using the secured GMail connections but, believe me, the Thunderbird Webmail extension is so much easier.
Afterthought: have you checked your Gmail account via the web interface to see if the sent messages appear in the Sent folder of GMail?
Hi alanrf! Thanks for the response. I’m running on Windows XP. I followed the most common suggestion and installed OpenSSL and stunnel and performed the following configurations:
- Added the following services to stunnel.conf
`; Gmail POP3 service, listens on localhost:11110
[gmail-pop3s]
accept=localhost:11110
connect:995=pop.gmail.com
; Gmail SMTP service, listens on localhost:11025
[gmail-smtps]
protocol=smtp
accept=localhost:11025
connect=smtp.gmail.com:587`
- Updated avast! so that the
[MailScanner]
section in the avast4.ini file looks like this
[MailScanner] PopRedirectPort=110,11110 SmtpRedirectPort=25,11025 ImapRedirectPort=143 NntpRedirectPort=119 IgnoreAddress= IgnoreLocalhost=1 AutoRedirect=1 StartPop=1 StartSmtp=1 StartImap=1 StartNntp=1 ShowTrayIcon=1
- Updated Thunderbird so that my Gmail POP server is
127.0.0.1:11110
and my Gmail SMTP server is127.0.0.1:11025
.
With this configuration, the only way that I’m able to send email is if I have the Ignore local communication
checkbox checked. With it unchecked, all my outgoing emails only reach the Sent folder of my Gmail account. I even took a look at the email headers between emails sent with the checkbox checked and emails sent with the checkbox unchecked, and the only significant differences were the lack of a couple of virus scan lines in the latter.
Having said that, I’m interested in this Thunderbird Gmail extension that you are referring to. However, I would like to get this current configuration working first before giving that a try.
Sorry for the delay in responding.
Interesting that you say all meesages have reached the sent folder of GMail, by that I hope that you mean you have checked the sent folder via the web interface.
The only difference there would be between mail sent with the “Ignore local communications” box checked and unchecked would be the couple of X-Antivirus lines inserted by avast.
If indeed the messages have reached the sent folder of the Gmail server then the issue of messages being sent/unsent would be entirely with the responsibility of GMail and nothing to do with avast. Have you tried the option of multi-addressing the messages to see if you can isolate some addresses that do get the message compared with those that do not?
Interesting that you say all meesages have reached the sent folder of GMail, by that I hope that you mean you have checked the sent folder via the web interface.
That’s correct. I checked my Gmail sent folder via the web interface.
Have you tried the option of multi-addressing the messages to see if you can isolate some addresses that do get the message compared with those that do not?
Yup, I’ve tried sending emails to other accounts that I hold and it’s the same for each account. None of them ever receive any of the emails that I send when the Ignore local communication
checkbox is unchecked.
In the meantime, would you be able to tell me the name of that Thunderbird extension you mentioned earlier? I way as well give that a try. Thanks for your help, it’s really appreciated!
Please see response as a personal message in the forum.
I finally figured out the solution to my problem. All that needed to be done was to remove port 25 from the SmtpRedirectPort
property in the [MailScanner]
section of my avast4.ini file. I’m not exactly sure why/how excluding port 25 solved the problem, but it did.
The effect of removing port 25 from the redirected ports is identical to turning off the outbound scanning of email by avast.
In effect here the use of Stunnel for the outbound Gmail is superfluous you might just as well be going directly to the outbound TLS port specified by GMail.
I have not tried STunnel and I see no good reason to do so. I notice that when I use the GMail extension of Thunderbird all of my GMail messages are delivered without any problem, however avast is not able to insert the X-Antivirus headers into the outgoing message.
I’ll talk to the developer of the Webmail extensions and see if that can be fixed.
The effect of removing port 25 from the redirected ports is identical to turning off the outbound scanning of email by avast.
That’s the strange part of all of this. I wasn’t attempting to connect to any SMTP servers on port 25. In particular, Gmail uses port 587.
In effect here the use of Stunnel for the outbound Gmail is superfluous you might just as well be going directly to the outbound TLS port specified by GMail.
From what I understand, avast! doesn’t support the scanning of connections that need to be TLS encrypted so if stunnel or an equivalent isn’t used, how would avast! email scanning work with Gmail?
It shouldn’t be scanned. Are you seeing ‘clean notes’ on the email or the X-Headers on the email message properties?
It shouldn't be scanned. Are you seeing 'clean notes' on the email or the X-Headers on the email message properties?
With my current setup using OpenSSL/stunnel, yes. Whenever an email is sent I see a lines similar to
X-Antivirus: avast! (VPS 0643-8, 27/10/2006), Outbound message
X-Antivirus-Status: Clean
in the header of the email when I look at it from the Sent Mail folder of my Gmail account via their webmail interface.
Now, if you’re asking if I see the same information when my email client is connecting directly to Gmail with a TLS encrypted connection, then I don’t know as I’ve never tried that configuration.
Ok. This is the normal behavior.
But you’ve said:
Then avast shouldn’t work…
Right and that’s been my understanding of how avast! should work. However, alanrf said
In effect here the use of Stunnel for the outbound Gmail is superfluous you might just as well be going directly to the outbound TLS port specified by GMail.
which didn’t make sense to me since without OpenSSL/stunnel I can’t see how I would be able to communicate with the Gmail server using a TLS encrypted connection. So it was merely a question asking him to clarify that statement.
I can’t see how I would be able to communicate with the Gmail server using a TLS encrypted connection.
You can but avast scanning should be disabled. Maybe this is what Alan thought…
Let me try to explain it a different way.
When you use STunnel this is what is happenning:
Mail client port 110 <-----> STunnel port 995 <------> GMail POP server
Mail client port 25 <------> STunnel port 587 <------> GMail SMTP server
There is really no value at all to this set up unless you want avast or some other function to scan your mail.
With avast scanning mail then:
Mail client port 110 <—> avast <—> STunnel port 995 <------> GMail POP server
Mail client port 25 <—> avast <—> STunnel port 587 <------> GMail SMTP server
When you are using STunnel then your mail client does not use ports 995/587 at all, your mail client uses the standard ports 110 and 25 - that is how avast is able to scan the mail stream between STunnel and the mail client.
If you stop avast from intercepting port 25 (which you did) then you are removing the ability of avast to scan all outgoing mail and it is exactly the same effect as turning off outbound scanning in the SMTP tab of the Internet Mail provider. In that case using STunnel outbound has no value and you might just as well connect your mail client directly to the GMail SMTP server using TLS.