I am using Avast v4.6 Home edition, and I use Thunderbird to get my email.
I currently fetching my email using POP3 over SSL on server port 995.
Avast does not scan my incoming emails - presumably because it’s not monitoring port 995 and because of the SSL encryption. I have been getting virus attachments regularly - about one every two days. These viruses are than all saved in my inbox, until I manually check whether it’s a virus, by trying to save the attachment to disk.
Is there any way I can get round this, except by fetching all email by standard POP3 on port 110?
Since SSL/TLS e-mail is encrypted and decrypted in the client, external virus scanners (including avast!) can’t read or scan it.
The solution is to pass e-mail in and out un-encrypted from your client (Outlook Express, Thunderbird, …) to a proxy program (Stunnel) that does the actual ssl or tls encryption/decryption of the pop3/smtp e-mail and communicates directly with the ISP server on the appropriate ports. Another drivers (OpenSSL) are need as a library of encryption/decryption routines.
Thanks for replies.
I am going to try using the Stunnel SSL proxy to access email. I am already using other proxies - I am using ‘hotmail popper’ to get msn webmail from Thunderbird, and an SSH tunnel proxy that I use for web access etc., using SOCKS5.
I have installed the Windows XP modification so that I can use more than one loopback IP address.
I guess I will have to experiment with loopback addresses and port numbers.
I thought that I throw a note in here!
Stunnel now comes as an installer which installs Open SSL and Stunnel so now you just have to download the installer version from here http://www.stunnel.org/download/binaries.html
At the moment it is stunnel-4.14-installer.exe so you do not need to to go to the Open SSL website just create your stunnel.config and you are ready to use Stunnel!
I can’t see how it can do this in a localhost loopback as this is effectively what avast does to scan emails. I don’t know where you heard it but it would be nice to see exactly what it says.
Unless there is a plug-in like the avast plug-in for MS Outlook which allows avast to scan encrypted email (SSL) because it is inside MS Outlook and the encryption process.
So if it is outside the encryption process a huge amount of processing effort would be required to decrypt the email in order to be able to scan it. This would cause timeout warnings occasionally seen when sending large attachments and they aren’t encrypted when avast is scanning them.
This is where I saw it and according to AVG it works. I tested it and the emails come in “certified”. I am not a tech so I cannot say that it works, but it appears to. Here is their link that show the set up:
Well that looks like it is setting up something similar to what had/has to happen before with avast email scanning (and with non-NT OSes now), with the exception that you are able to set-up email account details within the AVG email scanning settings.
This would appear to give the same result of having a plug-in inside the email prog. Although there are things I don’t understand, like how you shouldn’t tick the “This server requires a secure connection (SSL).” If this simply doesn’t login securely or if it doesn’t encrypt the email?
But if it works and is that simple (relatively) to set-up great. Whether it is that simple in reality for the programming side, I don’t know, perhaps avast should develop a plug-in strategy for OE?
I think if you read further into AVG specs you will notice that they integrated Stunnel and Open SSL into their Mail proxy!
I hope if avast does this that SMTP is excluded as Stunnel has well-known problems with large attachments when used in SMTP although the problem does not show up in POP3.