Can't send email through SMTP via TLS

Hi,

With the default settings of the Internet Mail provider, I can’t send email through SMTP via TLS.

http://img73.imageshack.us/img73/8059/thunderbird9hg.png

I only can send if I disable the Outgoing scanning email of the IM provider.

I know that avast will not scan encrypted email, but this is normal?

Regards

Well TLS isn’t normal, it is the new secure email protocol replacing SSL, but I can’t understand why avast doesn’t just ignore it.

http://en.wikipedia.org/wiki/Transport_Layer_Security

I am having a problem sending email today, too. My error message says

SENDING MESSAGE ERROR

The message could not be sent because connecting to SMTP server smtp.comcast.net failed. The server may be unavailaable or is refusing SMTP connectiions. please verify that your SMTP server setting is correct and try again, or else contact your network administrator.

I am not on a network, and don’t know if my problem is Thunderbird, Comcast or Avast. My comcast mail seems to be working fine, but not through TB. Is anyone else having a problem today?
Thanks…

MaDonna,

your post really has nothing to do with the subject of this thread. However, I have just checked and I have no probelm sending emails composed on Thunderbird, scanned by avast and sent through my comcast.net account. It may really be the server supporting your comcast account is down - have you tried it via the Comcast web email access?

VaMPiRiC_CRoW,

I use TLS for the SMTP sending of mail on my Gmail account. However, Gmail requires me to connect to port 587 for the TLS connection. If I add that port to those scanned by the Internet Mail Scanner then I get exactly the same error popup as you are seeing. At least I can avoid the problem by not including that port in the Internet Mail scanner.

Are you using TLS and non-TLS email accounts on the same outbound port (maybe 25)?

As to the reason for the error popup - I hope a member of the avast team will enlighten us.

SORRY!!! It seems I have a problem with this forum. I keep posting something on the wrong thread, etc. I have never had this problem before on a forum. Maybe some are too sensitive. I won’t bother anyone anymore. :-[

MaDonna,

seems you may be a little sensitive too - after all I did try to address your concern and suggest a next step - I did not intend to offend you.

It just gets a little confusing for everyone reading the thread if two separate issues are trying to be solved.

I do not think that anyone is going to have a problem with you creating a new thread when you have a new issue to report - that’s all.

So, I hope that you will come back in a new thread if you need some more help with this problem.

alanrf,

here you have all the details:

http://img89.imageshack.us/img89/5163/smtpserver1oe.png

Regards

I guess we will have to hope that vojtech will give us the words of wisdom from the avast team on how users of both TLS and non-TLS accounts needing to use port 25 for SMTP should proceed.

  1. The Internet Mail provider does not support SSL/TLS.
  2. There’re basically 2 ways SSL/TLS is used:
    a. either the connection start immediately on the secure port (that avast does not monitor)
    b. or communication start on the standard port 25, and then the program tries to “upgrade” the connection to a secure one (using the STARTTLS command).

Case a. is simple - the Internet Mail provider simply ignores the port. Case b. is more tricky, because the Internet Mail provider filter will not allow the STARTTLS command to succeed.

So, you either need to disable outbound mail scanning or not enfore the use of TLS.

Thanks
Vlk

Thanks for the info, Vlk :wink:

If we consider a similar situation with http vs https avast simply gracefully gets out of the way when https is used.

As more mail systems move toward secured links can we expect avast to act in a similar fashion with those secured email connections and not interrupt the process as it is doing now?

VaMPiRiC_CRoW,

I have not done all the necessary research but a casual scan suggests that Stunnel may be a possible solution to allow a TLS connection to be used for SMTP and still work with avast scanning.

I’m not sure if it will work with a mix of non-TLS accounts and TLS accounts using port 25 (and I do not know if that a requirement for you). The expert in this forum on Stunnel is SDED - I don’t know if he will spot this thread and give us the benefit of his knowledge.

If I find any more info I will report back.

I had the same problem described by MaDonna with Avast! and Thunderbird 1.5… The temporary solution for me was to deactivate the scanning of all outbound mail… Nevertheless, I would like to know a less radical answer to this issue…

Yes, but the problem described by MaDonna is not the same as this issue (which was mentioned), the use of TLS (secure) email using the regular SMTP port that avast intercepts and because it is secure can’t scan it.

So this is likely to be somewhat longer than a temporary situation, as even if avast started working on this today would probably take a little time. So it needs a more permanent workaround, like either not using TLS (medium to long term option) or having a third party tool such as Stunnel act as an interface to allow avast to scan the email before sending as TLS email (long term possibly permanent). However, that option has to be tested as Alan mentioned with a mix of different non-TLS accounts and TLS accounts using port 25.

Duly noted David, just for the information of MaDonna, and those ones with the same issue… Apparently, thunderbird 1.5 has some kind of conflict (sort of) with Avast mail scan, and this affects not only TLS mails (the main issue in this thread), but also the regular ones…

Thank you. I feel vindicated.

MaDonna,

glad that you felt able to post again.

Since the TLS issue is no longer actively being discussed in this thread I guess we might as well use it to discuss the problem that has been brought up where emails sent using Thunderbird are experiencing delivery problems.

Quick point for Gibarian - the TLS issue affects almost all e-mail clients (except those for which avast provides special plugins - Outlook and The Bat) not just Thunderbird.

As I mentioned yesterday I am using Thunderbird 1.5 with avast and finding no problem in sending emails.

If you are still experiencing the problem then it will probably be useful to create (for a while) a more detailed avast! log of your mail connections.

You can get the mailscanner to log your connections by editing the avast4.ini file (in Program Files\Alwil Software\Avast4\DATA folder).

In the section headed:

[MailScanner]

add the line:

Log=20

and save the updated file.

The log will be in Program Files\Alwil Software\Avast4\DATA\log\ashmaisv.log

Please try to send an email - hopefully the send failure will occur and be recorded.

If you are then willing to share the log … please first obscure any personally identifiable information in it … we shall have a better chance of understanding what may be causing the problem you are encountering.

I can confirm the error.

I recently changed from another antivirus scanner to avast 4.6 Home Edition.

Before I had no problems sending eMails with Accounts using TLS for SMTP
Well the other antivirus didn’t checked outgoing emails.
After Installation of avast sending didn’t worked anymore. I got the same error as described in the first post of this thread. Disabling the check of outgoing eMails resolves the problem.

Regards