Especially I’m concerned about Eicar test virus that avast did not detect with InternetMail Provider letting it stay in my inbox. Latter when I tried to run it, Standard Shield did a good job recognizing it!
I mean, Eicar is just a test virus which is built specifically to be detected from the antivirus program.
Why’s this?
Personally I’m more suspicious about the Independence of these tests when it would appear they are trying to sell you something, to help protect against these supposed vulnerabilities (relevant points highlighted below). Then again I’m a trusting sort of guy ;D
For an in-depth explanation of these vulnerabilities and why anti-virus is not enough, check out our white papers, Protecting your network against email threats, "One virus engine is not enough: The case for maximizing network protection with multiple anti-virus scanners" [b][i]and Why You Need an Email Exploit Detection Engine. To protect once and for all against current and future threats, consider GFI MailSecurity[/i][/b].
Got the point, but that doesn’t justify the lack of efficiency here.
It was Eicar.com as an attachment.
For the rest of the tests Zone Alarm helped.
But with the email containing an HTA file in disguise and some Attachments which end with CLSID file extension avast didn’t do anything.
Hmm, on all those emails, Avast flagged every last one of them, on my Comcast POP3 account through Outlook. Make sure all your settings are turned to High on the resident protection is what I can tell you now, without knowing more.
Perhaps you could show us the message source of an Eicar test message that made it to your inbox? Of course, please remove any personally identifiable information first.
I’m not exactly clear how you generated your Eicar test messages (from where). Can you tell us? I would like to repeat your test.
My settings are not high, they are custom and checked every posible option for scanning, even all packers!!
It’s my Yahoo account that’s wrong!!
Others are fine.
In the header of the message there is no Outbound or Inbound mail scan confirmations when try to send from one of my accounts to Yahoo. Although I checked the boxes Insert clean note into either POP or SMTP scan, there is neither note in the body of the message!!
Avast is not scanning messages from Yahoo account!!! >:( >:( >:(
Thanks,
Of course, how stupid of me!
It was impossible for Avast not to stop at least one of so many infected messages, but I was quick to judge!
I’ve tweaked avast very good. Sincerely I don’t know what to change…
Anybody…?
When I asked you if this was a regular POP3 account that you used to download - I think you did not give me the correct information.
For most places (and certainly where I live) Yahoo does not provide POP3 access. If you want to convert Yahoo to POP3 to receive it in a mail client you need to use a third party program like YPops, FreePops, MrPostman … there may be others.
Local communications really means “should avast scan call to localhost:xxx” where xxx is the port.
Avast scans (by default) any application that makes calls to a server (something like my.mailserver.com) at port 110 for POP3 mail and calls to a server (something like my.smtpserver.com) at port 25 for SMTP sent mail.
YahooPops runs in your own system; the way control is passed to YahooPops is that it expects to be called on localhost (localhost really means “my own system”) port 110 to receive POP3 mail and localhost port 25 to send SMTP mail via YahooPops.
By default avast! does not intercept calls to localhost ports (I think this is more historic than for any other reason - trying to avoid getting proxies into looping conditions). So, unchecking that box will ensure that the mail streams going via YahooPops will be scanned.
Good to know that your mail Yahoo mail is now being scanned.
And remember … you have to be in here to help and explain this to the next person who comes along needing their Yahoo, Hotmail or whatever scanned.