Author Topic: Avast 2014 and SSL email in Thunderbird  (Read 61320 times)

helkav

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #30 on: November 19, 2013, 07:44:03 PM »
ARGH! I spoke too soon. It's back; can't send IMAP emails again; getting THAT popup from Avast.

...I did try to open safezone in the meantime (it sort of hung) obviously that SHOULDN'T affect my
email client, but I'm really running out of ideas now...I guess I'll have to try to uninstall Thunderbird

my supply of patience with this is almost out...

 :'(

Avax_7

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #31 on: November 20, 2013, 09:20:54 PM »
I hope I have not led to a misunderstanding as to my solution. I get the feeling I might have from the last few posts. Here is exactly what I did:

 - I did not uninstall Thunderbird, just Avast
 - used a reg tool to find and delete all data in the registry with avast in them
 - reinstalled Avast
 - deleted the certs from Thunderbird,
 - exported a .der cert file
 - imported the .der cert file into thunderbird

after the above all my mail accounts are working even with SSL scanning turned on

I am sorry but you did not read carefully the steps I mentioned in my previous posts... I wrote about uninstalling Thunderbird and not Avast!

dbrusco

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #32 on: November 20, 2013, 10:07:16 PM »
I ended up doing something else (which maybe I didn't need to do all of, but it was less trouble than uninstalling/reinstalling TB). I did reinstall Avast (that's the part I probably didn't need to do). And I found a troubling post.

I found a post that led me to this, which refers to 8 not 2014, but it seemed to work. I don't know if it makes any difference, but I exported the certificate this way instead of using the Export button. I also checked the "Trust this CA to identify websites" as it says there when importing into TB (which I hadn't done before because I wasn't sure whether and what to check).
http://www.avast.com/faq.php?article=AVKB91#artTitle

I still don't quite understand that after looking at this, which I'd found first. That said to check the "Trust this CA to identify email users." Granted, not talking specifically about Avast, but I'd like to understand if someone can explain (i.e. the difference between websites and email users in this context).
http://wiki.cacert.org/FAQ/BrowserClients#Installing_the_CRL

This is the troubling post: https://lelutin.ca/posts/avast_conducts_MitM_attack_on_users_and_encourages_bad_security_practices/

I'm not sure about the fingerprints on the imported certificate, either.

However, with SSL Scanning enabled, I don't get the Avast popups any longer and it appears that the emails are being scanned (based on what is in the email headers X-Antivirus and X-Antivirus-status).
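
The fingerprint doubt raised in the post above can be checked offline. This is an added example, not part of the original thread and not Avast or Mozilla code: it hashes an exported certificate file (binary .der or base64 .cer) and compares the result with a fingerprint string copied from a certificate viewer. The function names are hypothetical and the sample bytes are a constructed placeholder, not a real certificate.

```python
import base64
import hashlib
import hmac
import re

PEM_RE = re.compile(rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def to_der(data: bytes) -> bytes:
    """Return raw DER from a binary .der file or a base64 (PEM-armoured) .cer file."""
    m = PEM_RE.search(data)
    der = base64.b64decode(m.group(1)) if m else data
    # A certificate is a single DER SEQUENCE: tag 0x30, then a length that must
    # account for every remaining byte. This rejects truncated or wrong files.
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    if der[1] < 0x80:                      # short-form length
        header, body = 2, der[1]
    else:                                  # long form: next n bytes hold the length
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("bad DER length")
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + body != len(der):
        raise ValueError("length mismatch (truncated or trailing data)")
    return der

def fingerprint(der: bytes, algo: str = "sha256") -> str:
    """Colon-separated upper-case hex digest of the DER bytes."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def matches_displayed(der: bytes, displayed: str) -> bool:
    """Compare against a fingerprint pasted from a viewer (any case/separators)."""
    hex_only = re.sub(r"[^0-9A-Fa-f]", "", displayed).upper()
    algo = {40: "sha1", 64: "sha256"}.get(len(hex_only))
    if algo is None:
        raise ValueError("expected a SHA-1 (40 hex) or SHA-256 (64 hex) fingerprint")
    return hmac.compare_digest(hex_only, fingerprint(der, algo).replace(":", ""))

# Constructed placeholder (valid outer DER framing, NOT a real certificate).
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(range(256))
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    der = to_der(SAMPLE_PEM)               # same bytes whether exported as .der or .cer
    print("SHA-1  ", fingerprint(der, "sha1"))
    print("SHA-256", fingerprint(der))
```

Because the fingerprint is computed over the DER bytes, a .der export and a base64 .cer export of the same certificate must give the same value; a mismatch means the two files are not the same certificate.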

Avax_7

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #33 on: November 21, 2013, 10:02:48 PM »
I ended up doing something else (which maybe I didn't need to do all of, but it was less trouble than uninstalling/reinstalling TB). I did reinstall Avast (that's the part I probably didn't need to do). And I found a troubling post.

I found a post that led me to this, which refers to 8 not 2014, but it seemed to work. I don't know if it makes any difference, but I exported the certificate this way instead of using the Export button. I also checked the "Trust this CA to identify websites" as it says there when importing into TB (which I hadn't done before because I wasn't sure whether and what to check).
http://www.avast.com/faq.php?article=AVKB91#artTitle

I still don't quite understand that after looking at this, which I'd found first. That said to check the "Trust this CA to identify email users." Granted, not talking specifically about Avast, but I'd like to understand if someone can explain (i.e. the difference between websites and email users in this context).
http://wiki.cacert.org/FAQ/BrowserClients#Installing_the_CRL

This is the troubling post: https://lelutin.ca/posts/avast_conducts_MitM_attack_on_users_and_encourages_bad_security_practices/

I'm not sure about the fingerprints on the imported certificate, either.

However, with SSL Scanning enabled, I don't get the Avast popups any longer and it appears that the emails are being scanned (based on what is in the email headers X-Antivirus and X-Antivirus-status).

Once again, the http://www.avast.com/faq.php?article=AVKB91#artTitle is something which I quoted in my previous posts. Nevertheless, the guidelines there refer to an older version of Avast!, they produce a different certificate (.cer) and, as the practice showed, they did not work. On the other hand, the procedure described in my previous post is suited to the newer version of Avast! and seems (fingers crossed) to work pretty good.

Too old for this

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #34 on: November 26, 2013, 01:25:28 PM »
Funny that, I just downgraded to Avast 8 and now it works without any problems. So I'll stick to version 8 until this stupid message box is changed in a way that it is helpful.

I spent most of the past day wrestling with this beast, until in desperation I decided that there might be someone else running into this nightmare, so, a brief web search brought me to this thread.

I've already tried much of what's been suggested here -- lost track of how many times I followed the friendly advice in the popup telling me to export the certificate and import it into Thunderbird. Tried every imaginable permutation of twiddling with the certificate after importing it (the fact that when I looked at it it told me it was NOT trusted wasn't very comforting). Told Thunderbird to accept it. Tried checking the box for making it work on email. Tried checking all three of the boxes. No joy.

I've been using Avast! Free for years without this grief. It was only when I upgraded to Version 9/2014 that the "fun" began.

Frankly, I'm just not up for uninstalling Thunderbird and then hoping I'd managed to avoid wiping out many years of content in the process -- or, at best, spending a nontrivial portion of my life reclaiming it. Nor am I excited by the fifty miles of step-by-step instructions found here: http://www.avast.com/en-eu/faq.php?article=AVKB91

After plodding through about a quarter of that page my eyes were glazed over and all I could think was that you gotta be kidding me. I mean, this sort of intricate "don't make one wrong move" drudgework is what computers are FOR. (Speaking solely as a retired programmer/tech writer and "formerly famous person" now a disabled old fart.)

OK, I can admit when I'm beaten.

So how do I "down"grade to Version 8? I searched my drives, found two incarnations of Ver 7 and one of Ver 9, but that's it. All my other upgrades have been done via the in-program upgrade process, which, being consigned to uber-rural USA where I am stuck with dialup modem access, has always been less than enjoyable.

I have nosed around the Avast site and can not find any way to download Version 8. I have not yet looked at filehippo. If there's anything there, can it be trusted? I am generally loath to trust software obtained from other than vendor-site.

In looking at this thread, and some of the other instances of people running into this not-so-small taste of hell, it seems there are a LOT of people wrestling with this, and, it's been going on for what seems like quite some time.

I initially went with Avast because after researching every AV product I could find, it was the only one that was truly solid, void of bloatware (the big name retail products seemed the worst in that regard) and in general, truly elegant. I'm now starting to worry.

What worries me the most is the lack of any official statement on the problem, steps being taken to resolve it, any carrot of hope at all. The silence, as they say, is deafening.

Can anyone tell me how I can get back to version 8 and resume what's left of my life?

helkav

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #35 on: November 26, 2013, 01:51:01 PM »
@too old... I couldn't agree with you more

I tried a more minimalist approach to the uninstall/reinstall TB suggestion - I renamed the cert8.db file to cert8.db.old and restarted TB
this has the effect of resetting all security exceptions. so far (touch wood and keeping everything crossed) this seems to have worked

I didn't post as a solution because I have thought I was in the nirvana of being able to send emails without reprogramming my entire bleeping OS before, and look where that got me  :'(

at the moment I have no popups and can send/receive pop/imap and have SSL scanning on - I'm using Avast Internet Security

if you try this and it doesn't work - because I don't expect a consistent solution at this stage...post back here - I bet I have a version 8 of avast lying around somewhere (I'm a bit of a hoarder in that respect)

even so I would say: over to you Avast - you REALLY need to see how much palaver this upgrade is causing, and come up with a consistent solution

smartin

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #36 on: November 26, 2013, 03:41:44 PM »
Thanks for your post helkav! It works!
One remark, the cert8.db is located in the %appdata% folder on Win7 systems and after renaming, you'll have to accept the certificates for all your e-mail providers again. After doing so the message is gone.

dbrusco

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #37 on: November 26, 2013, 08:04:04 PM »
@too old @helkav @smartin

I also agree (also too old for this and the many other things that have broken and shouldn't have). I have 15 TB accounts plus local folders and 3 calendars and I don't want to uninstall TB either.

An update to what I previously wrote, I have gotten a few warning popups since doing what I did (1-2x when I closed TB, which it was doing each time I closed TB before, and once in a while otherwise), but for the most part I can get/send email and the Avast blurb shows up at the end of the message and headers.

smartin

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #38 on: November 28, 2013, 10:52:53 AM »
Sorry, I have to reply again, but the message is back. This only after resuming from hibernation, as far as I could work it out. Sending and receiving mails is working fine, all mails are scanned. What about you, is it the same on your side?

helkav

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #39 on: November 28, 2013, 05:22:52 PM »
@smartin no still working touch wood and pray to all the bird-gods of thunder etc etc

I am using TB Daily (bleeding edge version of TB i.e. daily updates)

I will go back to release & earlybird and see if the problem exists on them...can't see why they would, but this issue is currently defying all logic

hopefully I amn't asking for trouble by testing out the earlier versions...oh well wish me luck - here goes...

helkav

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #40 on: November 28, 2013, 06:37:57 PM »
@smartin - update I've tested sending/receiving imap emails from both TB release and earlybird. all seems fine. this was on an account without SSL, SSL scanning is enabled in avast

I then tested sending/receiving an imap SSL account - all seemed fine

I then went to the avast UI to check the SSL scanning was enabled, just so I wouldn't be misleading you...it was but I noticed something odd - scan outbound mail was unchecked - I don't remember doing that since reinstalling Avast, but this has been a SERIOUSLY meandering path...anyhow I turned it on. sending still seemed fine, but I am now a seasoned cynic in this respect so not trusting that it "took" I restarted TB and what do you know, sending imap emails started having the same problems - i.e. couldn't save to sent folder

so I went back to Avast UI, switched off scanning outbound email and restarted TB, and hey presto all is good again. What really bugs me about this (apart from all this time I will never get back) is it specifically says SMTP email - so why is it affecting sending of IMAP emails?

I think I won't worry about scanning outbound email until Avast sort this mess out. Presuming they do eventually...

this is now Part 3 of what seems to be a 3 part solution

(1) clean out TB security certs (delete/rename cert8.db file)
(2) export/import Avast .der security certificate to TB
(3) switch off scanning of outbound emails

smartin

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #41 on: November 28, 2013, 07:26:03 PM »
Ok, I just confirmed the behaviour on my PC (Win7):
- sending/receiving with SSL enabled works fine
- rebooting or restarting Thunderbird is also ok, no problems
- resuming from hibernation --> now this stupid message pops up, although everything is working

So it seems to be a problem with hibernate, any suggestions?

helkav

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #42 on: November 28, 2013, 08:31:49 PM »
@smartin : the only thing I can think of is TB is possibly going offline when you hibernate, so perhaps if you force back online (I think by menu it's : file/offline (uncheck offline))

smartin

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #43 on: November 29, 2013, 04:15:11 PM »
@helkav: Nope, the box only pops up the very first time after resuming from hibernation. After that I can check mails or close and start TB as often as I want, or even reboot and it works w/o the message box. I guess that's a problem of avast.

Too old for this

  • Guest
Re: Avast 2014 and SSL email in Thunderbird
« Reply #44 on: November 29, 2013, 05:46:36 PM »
Thanks to all who replied, provided feedback, suggestions, and in general, camaraderie on my Pilgrim's Progress through a region of hellishness I wouldn't even wish on any of my former publishers ;).

As I read through the various comments, my hopes were alternately raised, then dashed, over and over.  As it now stands, I plan on implementing the three steps detailed in Reply #40 and will report back on my success (or lack thereof).

Sorry I did not reply sooner. My "health" (using the term as charitably as possible) really does suck, bigtime. That, combined with the arrows in my back (Yay! I'm a pioneer! ;)) make stuff like this nonsense doubly difficult. Hard to imagine I used to be able to put in 30+ hour coding sessions, juggling yay many variables, procedures, data structures, and so forth in my mind, daring not to stop for such trivialities as food and sleep, lest I fumble a juggletoss and be forced to backtrack several hours to "find my place" again -- and then spend another few hours finding and fixing what I broke -- due to those "minor" nits I did not manage to find. My sole luxuries were the toilet-breaks, taken when I could no longer leverage the keyboard versus the throne, because I knew I'd do so at the cost of the aforementioned hours of backtracking and inadvertent adventures in Instant Regression.

Yep, hard to imagine All That Fun, from here, a place in which getting out of my chair and walking across the room takes all the oomph I can muster.

Ironically, my health decline went exponential roughly in tandem with the death spiral of the Dead Tree publications industry. Towards the end, I spent more time on the phone ranting and raving at my publishers (trying to get paid) than I managed to spend writing. The irony is that prior to my only semantically-true "retirement" I ran my work computer "naked." These were the end days of the era in which a few tens of megabytes were "a lot of memory." The notion of multiple gigabytes was unimaginable. My first encounter with anything gigaesque was the insanely huge TWO gigabyte SCSI drive I bought for the unimaginably low price of $900.

What with my work machine laden to the breaking point with compiler, IDE, word processor, various applications (those I used, and those I was developing), every byte and every cycle was precious. And, since I had no inclination to wade into the Inet's "red light district" I did not feel I was at risk for infection (I continued using Eudora Pro 3.x FAR beyond its "best used date" for the sole reason that it was strictly character-based, with what few browser-related "features" wholly optional, and thus, it was immune to scripting exploits).

The family machines, OTOH, which wife and child used in total disregard for my "paranoid" warnings, were strapped down tight with Avast! Free. And it did yeoman service.

It wasn't until some time after my career and my health disappeared below the cloud layer that I decided the Net had become so bloody unfriendly that it was completely nuts to run without an AV, at which point it went on my personal machine too.

Well, time to quit rambling; I hate bracing for a slew of "tl;dr" replies. ;)
« Last Edit: November 29, 2013, 05:55:45 PM by Too old for this »