suspicious whitespace sequence

what is exactly the use of this rule?
and why does IM scanning apply to a RSS feed aggregator and to a usenet client?

since these programs download hundreds of headers Avast keeps popping up dozens of time on each mail address or subject that has some white spaces in it

I finally stopped the IM scanning and that stopped the messages

bug or feature?

It’s the Heuristic module of the MAIL provider. Check Internet Mail and Outlook plugin (if you use it) and change the Heuristic settings.

It does not… are you connecting at port 25, 110 or 143?

This is what the module does and you’ve asked before: check the number of white spaces in the mail Subject.

This is strange… it shouldn’t be managed by the IM provider… ??? ::slight_smile:

Tech,

the Internet Mail provider also does NNTP scanning for connections on port 119 - that’s where usenet clients go.

The checking can be modified in the Heuristic tab (select Customize level and click customize button) or you can just turn off NNTP scanning in the NNTP tab of the Internet Mail provider.

I know that…
But Chriske is telling that the IM provider is doing so…

It seems to me that Internet Mail provider is the IM provider.

It is unfortunate naming that avast has two IM providers.

That’s why I am always care to specifiy Internet Mail explicitly.

Ok… maybe I’m to used to avast because the IM provider is the Instant Message and not the Internet Mail.

Only in English ;D

I do understand, since I think of the Internet Mail provider as the Mail Scanner and the Instant Messaging provider as the IM provider … but English is the “lingua franca” of this forum and we cannot make everyone think the same way.

indeed it was the mail scanning provider that triggered this
I did change the setting to customized where I disabled the check on white spaces

but what is exactly the use of such a rule?
because a lot of headers and x-mail fields are forged in usenet, this is a rule that is not workable

thnx and grtz

Whitespace is often used to hide something which would otherwise be seen in the subject/attachment window, such as ‘this_friendly_text_file.txt .exe’ you don’t see the double extension and the true file type.