Author Topic: Avast strips starttls?  (Read 1777 times)

Offline ehsmeng

  • Newbie
  • *
  • Posts: 1
  • Gender: Male
    • Personal Message (Offline)
Avast strips starttls?
« on: March 25, 2007, 09:33:50 AM »
Hi,

I'm trying to make encryption work on outgoing mails using Thunderbird.

If I use TLS, Thunderbirds whines about there not being any STARTTLS. And indeed, a quick telnet agreed on that:

Connected to mail.example.com.
Escape character is '^]'.
EHLO example.com
220 example.com ESMTP Postfix
250-example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME

But when I "Stop On-Access Protection" in Avast I do get the Starttls:

Connected to mail.example.com.
Escape character is '^]'.
EHLO example.com
220 example.com ESMTP Postfix
250-example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250 8BITMIME

How can I make Avast just "check outgoing where possible and let me encrypt as I want"?

Thanks,
Marcus

Offline DavidR

  • avast! √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 69198
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: Avast strips starttls?
« Reply #1 on: March 25, 2007, 12:28:07 PM »
avast can't check encrypted email, as it is effectively 'outside' the email client and encryption process. That is the whole point of encryption so it doesn't handle it well if you standard pop3/smtp ports for encrypted email.

avast intercepts the outbound email to scan it and once done then hands it off but it believes it is plain old smtp port 25 traffic so doesn't know to initiate the 'STARTTLS' command. Sorry this is a very simplified interpretation of my limited understanding of this. Also see http://forum.avast.com/index.php?topic=26654.msg217996#msg217996

To be able to scan encrypted email avast needs a third party interface, STunnel.
Gmail and Avast Providers
Solution: Using GMail with Avast and a SPAM filter
Redirecting multiple SSL accounts

What ports are you using and what does your ISP (?)/email service say you should use ?
There are ports allocated for SSL/TLS connections. Secure Ports POP3 995; SMTP Ports, Thunderbird-587 - Outlook/Express-465. Also see http://email.about.com/od/gmailtips/qt/et010605.htm
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2016/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now