In Canada, a large national ISP operated by Bell Canada, named “Sympatico” is currently in the process of changing user email accounts to the SSL protocol. My understanding is that neither avast! nor Nortons etc…, are able to scan SSL based emails.
Ever so conveniently, Sympatico now offers to their users a new server based anti-virus checking service, but for a monthly fee of course! What a business model! Cut-out the competition by rendering their software incapable of scanning emails and then monopolize and profit by offering your own email anti-virus service. Cost to consumer=less choice, higher price. Cost to competing anti-virus companies=lost sales and shrinking market. Cost to Sympatico? ha ha, laughing all the way to the bank. Bottom line: scary.
Although Internet Mail cannot scan SSL connections you can use MS Outlook\Exchange provider and MS Outlook mail client (the one from office package).
This one CAN check SSL connections since file handling in MS Outlook is different than in normal email clients.
Second option is to leave protection to Standard Shield. It should keep you safe (except for extra Internet mail features like heuristics which are not available for Standard Shield)
I have been using Sympatico for several years now. You can scan SSL and TLS using avast! if you use Stunnel and OpenSSL. I have been using that combination for a few months now and it works great.
Do a forum search for Stunnel and Gmail, there have been a number of threads on the topic of SSL email and Gmail and how to get round the fact that avast (with Internet Mail provided) can’t scan SSL email.
You can adjust your settings so avast scans outbound email before Stunnel encrypts and sends it, this is a very simplified explanation.
Thanks for the replies. I since took a look at the Stunnel and OpenSSL webpages. Unfortunately it’s way over my head as what file versions to download and how to set them up
I use both Windows XP and Win 98 (desktop and laptop). I’m using the latest version of Outlook Express.
I doubt many casual users of Sympatico would know how to set it up to work with Stunnel, OpenSSL and avast etc.
I’d really appreciate some tips as what to do. Thanks!
I don’t use Sympatico, but here is how to set up avast! secure email scanning wih XP, assuming you use port 995 for secure pop3 and port 25 for secure smtp. Let us know is your setup is different, or if you use IMAP.
To set up secure email with avast!, you need to do 3 things:
In your email client, use
localhost:11110 for your pop server
localhost:11025 for your smtp server
Do not check “use secure”
In avast! email provider add
11110 to the pop3 ports to redirect
11025 to the smtp ports to redirect
With a text editor, create Stunnel.conf (or cut/paste/edit below)
Stunnel.conf, the configuration file, looks like this for secure email:
I am not running W98, but you should be able to follow the instructions in the avast! help file for manual setting of email protection to edit the avast4.ini file to get things directed to Stunnel. Something like poplisten=127.0.0.1:11109 and similar for the email client pop3 server setting, and defaultpopserver=127.0.0.1:11110; smtplisten=127.0.0.1:10024 , similar for email client smtp server setting, defaultsmtp server=127.0.0.1:11025 should work with the same stunnel.conf . Maybe someone who actually runs W98 will chime in.
There are a large number of users of secure email with avast! who can help here in the forum if you have problems/questions. Give it a try!
Starfighter, I can’t help you with Windows 98 (maybe it’s the same with Windows XP).
You must download the last version (stable, there is no need for beta versions) of OpenSSL and install it). It won’t ask you more questions (not even the subdirectory for installation).
Then download Stunnel, open a new folder and put it there. In the webpage there is the instructions for installing it as a service and running it.
You will have to edit the stunnel.conf file afterwards to set it for Sympatico. Specially you will need to know the SSL ports for Sympatico. Saving the stunnel.conf file and restarting your computer you should have Stunnel running correctly.
Then is the battle for setting you email program.
I did it for GMail, take me some time and need help from other avast! users. Now it’s working for Pop and Smtp email
Wow, Sded is here helping you. He’s the master 8)
Thanks gang for the wonderful help! I got it to work with XP now, no problem.
However, I can’t get it (Stunnel & openssl) to work with Windows 98, as avast! doesn’t allow for redirects with 98 (redirects are a greyed out option in avast for Win98).
So…in terms of my Win 98 laptop–Question–without avast! actively scanning my incoming emails, will I still be afforded some level of protection if I actually try to open an infected email attachment (with the avast standard shield activated). For example, if I try to open up an email attachment such as a Word processing file-- would it protect me against that? What about Zip files… will it protect against that too? If so, then I guess I don’t need to be too concened that avast! isn’t scanning my inbound emails… so long as it scans the actual files when I try to run them… Any help/clarification would be greatly appreciated! ;D
One thing that I would like to point out to you is that Sympatico scans all incoming and outgoing e-mail at the server level for free anyways. I have been a Sympatico customer for about 2.5 years and I have never even received an e-mail virus.
It uses the EICAR test virus. You will still receive the e-mails, but in the e-mail it has a message that the attachment was removed. If I remember correctly, I believe Sympatico uses one of the Symantec Corporate versions (it says it in the e-mail). And they are more likely faster to update their signatures for the threat of new viruses.
So you need not worry so much. You could probably just stick to the resident protection.
I just tested it again out of curiosity to see which antivirus Sympatico is using now on the gateway level. The message received in the e-mail is:
This message has been processed by the Brightmail™ Anti-Virus Solution using
Symantec’s Norton AntiVirus Technology.
eicar.com was infected with the malicious virus EICAR Test String and has been deleted because the file cannot be cleaned.
In the past, I had tried many times to send myself real viruses in the e-mail by disabled any real-time protection, sending the files, then re-enabling the real-time protection before receiving the e-mail back again. None of those real test viruses ever came back.
Well, are you sure?
If you write the name of the user something like this:
pop3 server= smtp server = 127.0.0.1
username = mail.server.coml#user#portnumber
smtp authentication enabled and the username there = mail.server.coml#user#portnumber
Will it work?
Email protection is a very speciall one… I won’t give up so quickly and be happy without it :
If you set to scan all open/created/modified file in Standard Shield, you will scan the files (attachments).
Send your self a virus (eicar) compressed with 7-zip, (http://www.7-zip.org). This format can be opened by new versions of WinRAR (for example). We have already seen a viruses that require users to decompress them manually and yet spread rather smoothly. I guess this would not be stopped by their server antivirus.
I did exactly as you suggested. I compressed the eicar file in a .7z archive and sure enough it did pass right through Sympatico’s server-side virus scanner. And sure enough, avast! Internet Mail module picked it up. That definitely made me re-think a few things, so I apprecaite the information.
What I figured out from this thread and also from many other threads (specially http://forum.avast.com/index.php?topic=11627.15) is that IT’S NOT POSSIBLE to use Mozilla Thunderbird + Avast Mail Scanner + stunnel/OpenSSL in Windows 98, just because Avast can’t perform Port Redirect under Windows 98. Is that correct?
I have Thunderbird + Avast and a Gmail account as the only SSL-specific account set up and just today I noticed that Avast didn’t scan this SSL-specific email traffic. I went through this forum and read a lot of posts and after some hours of hard work (I’m not an expert… :() now I found this thread that puts my last hopes into oblivion… Or maybe…?
Is it really the end of the line for me?
Any help or guess will be greatly appreciated.