Suddenly avast mail scanner won't connect using SSL.
I can use SSL from my mail program.
But if I use non-SSL there and turn on SSL in the avast mail scanner
I get a SSL_connect_error_5 from the server.

Same thing happened on another system.
And there I fixed it by reinstalling avast.
But it's a bit of a hassle doing that every week :-(

Any ideas?
--
Lars-Erik Østerud : http://www.osterud.name

avast! antivirus (110823-0, 23.08.2011), Outbound message clean

You do not need the email scanner. It is the cause of multiple issues with e-mail
clients

Read
http://thundercloud.net/infoave/tuto...ning/index.htm

JS

Lars-Erik Østerud wrote:
> Suddenly avast mail scanner won't connect using SSL.
> I can use SSL from my mail program.
> But if I use non-SSL there and turn on SSL in the avast mail scanner
> I get a SSL_connect_error_5 from the server.
>
> Same thing happened on another system.
> And there I fixed it by reinstalling avast.
> But it's a bit of a hassle doing that every week :-(

You probably don't need to scan e-mail, but if you want to I suggest any
problems you have as a result should go to the vendor's support people
for resolution.

Lars-Erik Ø·sterud wrote:

> Suddenly ...

I'm always tempted to ask, "What did you do just before 'suddenly'?"
:-)

I concur with the others about not needing to scan either incoming or
outgoing mail.

--
-bts
-"All of a sudden my computer is acting strange."
-"What did you do immediately before 'all of a sudden'?"

From: "Beauregard T. Shagnasty" <(E-Mail Removed)>

>
>> Suddenly ...
>
> I'm always tempted to ask, "What did you do just before 'suddenly'?"
> :-)
>
> I concur with the others about not needing to scan either incoming or
> outgoing mail.
>

Well, incoming is another story. However I believe in email scanning it when it is MAPI
or VIM scanning and not via a Proxy or other client method.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

David H. Lipman wrote:

> From: "Beauregard T. Shagnasty":
>> I concur with the others about not needing to scan either incoming
>> or outgoing mail.
>
> Well, incoming is another story. However I believe in email
> scanning it when it is MAPI or VIM scanning and not via a Proxy or
> other client method.

I assume you read the thundercloud.net page. What problem could there
be before actually attempting to run a file received by email? Top
that with .. it's been several years since I actually received a
malicious file via email. Maybe I'm just lucky.

--
-bts
-Four wheels carry the body; two wheels move the soul

From: "Beauregard T. Shagnasty" <(E-Mail Removed)>

>
>> From: "Beauregard T. Shagnasty":
>>> I concur with the others about not needing to scan either incoming
>>> or outgoing mail.
>>
>> Well, incoming is another story. However I believe in email
>> scanning it when it is MAPI or VIM scanning and not via a Proxy or
>> other client method.
>
> I assume you read the thundercloud.net page. What problem could there
> be before actually attempting to run a file received by email? Top
> that with .. it's been several years since I actually received a
> malicious file via email. Maybe I'm just lucky.
>

There is exploit code in email as well as phishing. The major playes who do VIM and MAPI
scanning will detect exploits and phishing the body.

I didn't read the data at thundercloud.net . Is there something there that I missed BTS ?


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

David H. Lipman wrote:

> From: "Beauregard T. Shagnasty":
>> David H. Lipman wrote:
>>> From: "Beauregard T. Shagnasty":
>>>> I concur with the others about not needing to scan either
>>>> incoming or outgoing mail.
>>>
>>> Well, incoming is another story. However I believe in email
>>> scanning it when it is MAPI or VIM scanning and not via a Proxy
>>> or other client method.
>>
>> I assume you read the thundercloud.net page. What problem could
>> there be before actually attempting to run a file received by
>> email? Top that with .. it's been several years since I actually
>> received a malicious file via email. Maybe I'm just lucky.
>
> There is exploit code in email as well as phishing. The major
> playes who do VIM and MAPI scanning will detect exploits and
> phishing the body.

Hi, click here to log in to your bank account:
http://hacker.example.com/a345/www.bankofamerica.html

> I didn't read the data at thundercloud.net . Is there something
> there that I missed BTS ?

"Our advice is sound. Email scanning might have been useful years ago,
but not anymore. We're not sure it ever was." :-)

--
-bts
-Four wheels carry the body; two wheels move the soul

From: "Beauregard T. Shagnasty" <(E-Mail Removed)>

>
>> From: "Beauregard T. Shagnasty":
>>> David H. Lipman wrote:
>>>> From: "Beauregard T. Shagnasty":
>>>>> I concur with the others about not needing to scan either
>>>>> incoming or outgoing mail.
>>>>
>>>> Well, incoming is another story. However I believe in email
>>>> scanning it when it is MAPI or VIM scanning and not via a Proxy
>>>> or other client method.
>>>
>>> I assume you read the thundercloud.net page. What problem could
>>> there be before actually attempting to run a file received by
>>> email? Top that with .. it's been several years since I actually
>>> received a malicious file via email. Maybe I'm just lucky.
>>
>> There is exploit code in email as well as phishing. The major
>> playes who do VIM and MAPI scanning will detect exploits and
>> phishing the body.
>
> Hi, click here to log in to your bank account:
> http://hacker.example.com/a345/www.bankofamerica.html
>
>> I didn't read the data at thundercloud.net . Is there something
>> there that I missed BTS ?
>
> "Our advice is sound. Email scanning might have been useful years ago,
> but not anymore. We're not sure it ever was." :-)
>

OK, I don't fully agree.

As for the URL, the URL can be obfucated and not everyone is savvy how URLs are formed or
the syntx of them.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

David H. Lipman wrote:

(something amiss with your newsreader; it's snipping some attributes,
which I've restored twice now)

> From: "Beauregard T. Shagnasty":
>> David H. Lipman wrote:
>>> From: "Beauregard T. Shagnasty":
>>>> David H. Lipman wrote:
>>>>> From: "Beauregard T. Shagnasty":
>>>>>> I concur with the others about not needing to scan either
>>>>>> incoming or outgoing mail.
>>>>>
>>>>> Well, incoming is another story. However I believe in email
>>>>> scanning it when it is MAPI or VIM scanning and not via a Proxy
>>>>> or other client method.
>>>>
>>>> I assume you read the thundercloud.net page. What problem could
>>>> there be before actually attempting to run a file received by
>>>> email? Top that with .. it's been several years since I
>>>> actually received a malicious file via email. Maybe I'm just
>>>> lucky.
>>>
>>> There is exploit code in email as well as phishing. The major
>>> playes who do VIM and MAPI scanning will detect exploits and
>>> phishing the body.
>>
>> Hi, click here to log in to your bank account:
>> http://hacker.example.com/a345/www.bankofamerica.html
>>
>>> I didn't read the data at thundercloud.net . Is there something
>>> there that I missed BTS ?
>>
>> "Our advice is sound. Email scanning might have been useful years
>> ago, but not anymore. We're not sure it ever was." :-)
>
> OK, I don't fully agree.

You are more than welcome to disagree, Sir.

> As for the URL, the URL can be obfucated and not everyone is savvy
> how URLs are formed or the syntx of them.

Sure, but you'd never see the little sample as I typed, above. The
HTML would show the clickable part as the real BoA domain name [1].
Some people would click it; others are more astute. Regardless, to my
knowledge, anti-virus programs don't act on that, but email clients
may. I know Thunderbird's own "Junk" filter would - no a-v necessary.

[1] a good reason to read mail in Plain Text :-)

--
-bts
-Four wheels carry the body; two wheels move the soul