Hello,
I have setup Thunderbird to send and receive Hotmail Live emails with their new Pop3 server. Both incoming and outgoing emails using my ISP are checked by Avast as indicated by and entry in the email headers. My problem is that Avast does not check the outgoing email or the incoming email using the new Hotmail server.
The server setup is as follows:
POP server: pop3.live.com
POP SSL required? Yes
User name: Your Windows Live ID, for example yourname@hotmail.com
Password: The password you usually use to sign in to Hotmail or Windows Live
SMTP server: smtp.live.com
Authentication required? Yes (this matches your POP username and password)
TLS required? Yes
Using the Hotmail pop3 I notice that SSL port is 995. So, thinking that Avast need to know this, I added this port to the redirect port in Avast. The only thing is that it refuses to get emails when I do this. So, removing this redirect, incoming emails work. Smtp port is 25 and emails are sent, but not checked by Avast.
What do I need to do to make Avast check both the incoming and outgoing Hotmail emails using the pop3 servers?
Thanks
By all accounts this new Hotmail uses standard POP3 protocol and not WEBDAV or the new proprietary MS protocol DeltaSync.
The problem is that it uses SSL over the standard POP3 port 110 and the same with SMTP on port 25.
So avast will get its digital knickers in a not trying to cope with secure email when it is expecting standard non-secure PO3/SMTP protocols over ports 110 and 25, not SSL.
So unless you can change ports 110 and 25 to the ones normally used for SSL email:
SSL/TLS (Secure) Ports POP3 995; SMTP Ports, 465 or for Thunderbird-587.
This will however mean that avast won’t scan that email but it will mean you can use the Hotmail pop/smtp account.
If you can’t do that (Hotmail restriction, etc.) then you would have to exclude: pop3.live.com:110 and smtp.live.com:25 from avast email scans.
See this for general information on how to exclude these from email scanning, whilst this isn’t directly for Hotmail the process is pretty much the same, substituting the above server details.
The fix for sending email with sympatico is recorded here, check the images in a later post.
Alan and David, thank you for the link. I have not seen those posts before.
I have not heard of STunnel before. Had a look at it and cannot find any examples of how to run it in Windows. I have tried add-ons before. First Outlook Express with FreePops and then Thunderbird with the Webmail extension. I got them both working with Avast, but they were both troublesome. I will wait for Avast V5 to get secure connections checked by Avast.
O/k, secured connections are not checked.
However, would Avast consider reception and transmission of those emails from the email client as Web activity or Not?
If not, then those incoming or outgoing messages may contain a virus without being checked and without knowing. However, if an infected attachment is received, even though not checked by Avast, hopefully it is checked when that attachment is launched or opened. Is that correct?
Thanks
It isn’t web activity if you use thunderbird and standard email download (all be it encrypted). If you used your browser to view your email then that would be web activity, though I’m not entirely sure what you mean by web activity, as technically everything would be web (internet) activity.
You have to up to a point rely on Hotmail having scanned your email or you are going to have to use STunnel. Though I’m not entirely sure how/if this would work as you are using the standard POP/SMTP ports and not SSL ports.
No, I don’t think I’ll install STunnel. I’ve had too much experience with add-ons to take on another problem.
O/K, so Avast will not check those secure emails with it’s Web Shield.
Does Avast check an attachment when it is launched from Thunderbird?
Thanks
Just to clarify, Stunnel is not an add-on in the usual sense. Avast! scans your email by inserting a transparent proxy (just means the port doesn’t change) that intercepts your email internally (via localhost ports), scans it, and passes it on to your client or your mail server depending on whether it is incoming or outgoing. It can’t do that if the mail is encrypted in the client or server: SSL precludes anyone but the endpoints from decrypting it. With Stunnel, you move the encryption/decryption from your browser to Stunnel, which uses an external program, openssl, to manage the SSL sessions so that avast! can scan it before it is encrypted or after it is decrypted. Stunnel has no effects on or attachments to avast! The flow is email client <—>avast!<—>stunnel<—>openssl<—>email server, and on your part just requires the generation of a fairly standard stunnel.conf file to define the configuration in the client and server for stunnel. And the definition of the proxy ports you want Stunnel to scan in your client. Many of us prefer it to the built in handling of SSL by some AVs because of its simplicity.
But Avast! Standard Shield will continue to scan email attachments whenever you try to open or store them in any case.
please see my most recent post in the restricted forum.
The Hotmail settings being advertised for the free POP/SMTP servers are:
POP port 995 with SSL
SMTP port 25 with SSL.
Because of the known issues with avast and using SSL on port 25 the avast team have already taken care of setting up the necessary exclusion for the Hotmail SMTP server by default in the the latest VPS update.
Yes, the Hotmail SMTP servers are reported to work also with the “standard” TLS and SSL ports too but this is not what Hotmail are advising users.
Thank you for your description of STunnel.
As you say it may not be an add-on. It does however, work like one, in that it interfaces with other programs, so that both programs need to be setup for them to work correctly.
I remember well the simplicity of installing and making Freepops work. It is similar to STunnel, in that it sits between the email client and the web. Simple to install and configure. The only thing was that it took about 3 weeks on the forum to get all the details needed to make it work the way I wanted it.
I also remember the Webmail Extension for Thunderbird to be able to use Hotmail in Thunderbird. The description also states that “just install, setup and it works”. After downloading numerous Hotmail beta extension to go with Webmal and only 2 weeks on the forum, I got it to work, for a while. Then again back to the forum, a while later got it to work again … etc.
Since the Standard Shield catches infected attachments and Hotmail does virus scans also, I think I’ll wait for Avast V5. I don’t think that the threat is increased tremendously by not scanning the secure connection.
I think that all my questions at present have been answered.
Thank you all.