Avast WEBforum
Consumer Products => Avast Mac Security => Topic started by: uasi05 on December 06, 2011, 04:04:00 AM
-
Great product but I may have to uninstall because the above alert appears on my screen about every 30 seconds, stays for a while & then disappears. If I click on it it just disappears for another 30 seconds before returning. It's incredibly distracting/annoying - almost epilepsy inducing. I can't find a way to hide or even move it. Is there a way..?
-
What email client do you have installed as avast is telling you to set the security to none for incoming and outgoing emails within it so that avast can then look after it and scan your mail for you.
-
I don't know about the OP, but I have AT&T/Yahoo although I only check it through the mail program on my mac. But I am having the same problem. I have no idea if the SSL/TLS Connection Detected is telling me, "Yay, you have the connection you should have!" or "There's some hideous virus coming through on your connection and you need to do something to stop it!" My email is spamming others, and I'm trying to stop it, but I don't understand what avast is telling me and it didn't stop the spam.
-
The message is trying to say (the popup messages will be much more informative in the next beta release): "The avast! mailshield can not check your mail traffic because it is encrypted" and appears every time your mail client connects to the server. The solution is not to switch the popup verbosity to "errors and alerts only", but to disable SSL in your mail clients configuration and set it up in the avast! mailshield configuration.
This way the avast! mailshield will be able to check the mail traffic and your connection to the server will remain encrypted.
-
Ok i am also having this problem i use MAC mail the program that comes bundled with a Mac computer how do you do the fix that is suggested because this is relly annoying as i have 4 email inbox's
-
From my previous post:
The solution is not to switch the popup verbosity to "errors and alerts only", but to disable SSL in your mail clients configuration and set it up in the avast! mailshield configuration.
This way the avast! mailshield will be able to check the mail traffic and your connection to the server will remain encrypted.
This means You have to:
- Start Apple Mail and go to Mail -> Preferencess -> Accounts -> Advanced and uncheck the "Use SSL" checkbox.
- Open System Preferences and go to Avast -> Shields -> Mail Shield -> Advanced... -> SSL and add the mailservers You are using to the list.
-
Hello guys,
looking forward to using avast under OS X, so far have been using it only under Bootcamp.
____
How would you setup Mail shield for iCloud account? @me.com mail...
I turned off SSL at Mail and I have set Avast to proper imap ssl server only to see something about wrong certificate or something like that.
Turned Mail Shield off for now.
(Jinak dobrá práce, jen tak dál ;D)
EDIT:
Fixed by moving Apple .Mac Certificate Authority from Login to System in Keychain.
-
I am using Sparrow for Gmail. It is a simplified client whose setup includes entering a name and password for Gmail. All other options available to the user are superficial; there is no option to change use of SSL.
A related topic here: http://forum.avast.com/index.php?topic=92303.0 which links to my original post on the avast! c|net forum that I made while these forums were down.
I have just added the Gmail servers to the Avast! preferences: http://cl.ly/DjqB
Is this correct?
Also, I'm not sure what is meant by the note at the bottom, "...must be in one of the 'System Roots' or 'System' keychains..."
I have an idea of what this means, but once I opened Keychain I'm lost. How do I know which certificate I'm looking for?
-
I am using Sparrow for Gmail. It is a simplified client whose setup includes entering a name and password for Gmail. All other options available to the user are superficial; there is no option to change use of SSL.
A related topic here: http://forum.avast.com/index.php?topic=92303.0 which links to my original post on the avast! c|net forum that I made while these forums were down.
I have just added the Gmail servers to the Avast! preferences: http://cl.ly/DjqB
Is this correct?
There is no way how to configure Sparrow to use the avast! mailshield, if it lacks the possibility to use non-SSL connections. In the next avast! release there will be at least the possibility to disable the "SSL warnings" so one can use the mailshield for other mail clients at the same time without being annoyed by the popup windows every time Sparrow connects to the server.
Also, I'm not sure what is meant by the note at the bottom, "...must be in one of the 'System Roots' or 'System' keychains..."
I have an idea of what this means, but once I opened Keychain I'm lost. How do I know which certificate I'm looking for?
You are looking for the certificate of the mailserver you are connecting to or the certificate of the certification authority that signed the mailserver's certificate. To learn about SSL certificates and/or the Mac OS X keychain, you can use any article generally explaining this topic as this is not a avast! mailshield specific topic.
-
Hi,
Can someone tell the correct settings to configure avast with Gmail? I'm using the Postbox app with Gmail but no matter what settings I try I can't get avast to scan my mail. Any ideas?
-
Hi,
Can someone tell the correct settings to configure avast with Gmail? I'm using the Postbox app with Gmail but no matter what settings I try I can't get avast to scan my mail. Any ideas?
You will need to disable the SSL Connection in the postbox app (if it is possible, never used it personally) and reconfigure the Mail shield for SSL. (Avast -> Shields -> Mail Shield -> Advanced... -> SSL)
-
Hi,
Can someone tell the correct settings to configure avast with Gmail? I'm using the Postbox app with Gmail but no matter what settings I try I can't get avast to scan my mail. Any ideas?
You will need to disable the SSL Connection in the postbox app (if it is possible, never used it personally) and reconfigure the Mail shield for SSL. (Avast -> Shields -> Mail Shield -> Advanced... -> SSL)
Yup, I've tried that many times. Avast still says it can't scan the email and Postbox will not connect to Gmail.
-
Hello All,
My settings with no results:
Mac OS X 10.7.2
eMail cliente = Apple Mail 5.1
eMail account:
Gmail imap and smtp.
Added SSL server in Avast preferences: imap.gmail.com and smtp.gmail.com
On Apple Mail unchecked SSL and imap port still 993 and SMTP 543 (and tried others ports too).
Result: No scan!
SSL/TLS connection detected!
avast! Mail shield has detected a secured SSL/TLS connection that can not be scanned.
Address:74.125.65.108
Port: 993
On Avast preferences I see a note about to download a SSL certificate. How to do that ?
-
Hello All,
My settings with no results:
Mac OS X 10.7.2
eMail cliente = Apple Mail 5.1
eMail account:
Gmail imap and smtp.
Added SSL server in Avast preferences: imap.gmail.com and smtp.gmail.com
On Apple Mail unchecked SSL and imap port still 993 and SMTP 543 (and tried others ports too).
Result: No scan!
SSL/TLS connection detected!
avast! Mail shield has detected a secured SSL/TLS connection that can not be scanned.
Address:74.125.65.108
Port: 993
On Avast preferences I see a note about to download a SSL certificate. How to do that ?
First, the mailshield scans only incoming traffic, so revert all the smtp related settings and delete smtp.gmail.com from the mailshield's preferences.
To make the IMAP scanning work, you have to set the IMAP port to 143 in your mail client (and uncheck "use SSL as you already have)
-
On Avast preferences I see a note about to download a SSL certificate. How to do that ?
For gmail there should be no action necessary as the "System Roots" keychain contains the certificate of the appropriate CA by default.
-
For gmail there should be no action necessary as the "System Roots" keychain contains the certificate of the appropriate CA by default.
Odvolávám co jsem odvolal, slibuji co jsem slíbil...
Sorry, the CA used for Google gmail is NOT in the "System Roots" keychain (at least not on 10.6.), so it must be added to the "System" keychain manually.
-
Hi,
in order to use SSL/TSL connection to my mailserver, I have to switch of the corresponding settings in my MailClient (i.e. Apple Mail) and simply chose such settings allowing for unsecure connection. Everytime Apple Mail tries to connect to the Mailserver, this request will be passed to avast! and avast! will then connect using SSL/TSL.
Is this correct?
However, I wonder how can I be sure that the Mail transfer is really secured and really handled by avast! and not somehow bypassed, or that Apple Mail is not connecting in parallel to the Mailserver by the – now – unsecure way? For example, if avast! has crashed?
Pucicu
-
Is this correct?
Yes.
-
OK, thanks, and what about my second, more important question?
-
OK, thanks, and what about my second, more important question?
A good many of the popular email services now require encryption ( Check with your email provider). If Avast was not running to forward the secured connection the mail server would reject the connection in this case.
-
I know only providers which allow both, secure and insecure connections. Therefore, in my opinion it is problematic, to just switch off the secure connection to the mailserver in the mail client. Better would be (perhaps) to use a certain port in the mail client, which ensures that connections will fail if avast is not working.
-
I know only providers which allow both, secure and insecure connections. Therefore, in my opinion it is problematic, to just switch off the secure connection to the mailserver in the mail client. Better would be (perhaps) to use a certain port in the mail client, which ensures that connections will fail if avast is not working.
If your data is that sensitive, you may consider something like this: http://www.gpgtools.org/
-
However, I wonder how can I be sure that the Mail transfer is really secured and really handled by avast! and not somehow bypassed, or that Apple Mail is not connecting in parallel to the Mailserver by the – now – unsecure way? For example, if avast! has crashed?
You can set up the firewall to block all outgoing connections to the non-SSL ports:
ipfw add deny tcp from me to any dst-port 110
ipfw add deny tcp from me to any dst-port 143
This way, you wan't connect to the non-SSL servers in case the mailshield is off.
-
Hello,
thanky for your replies!
And yes, I'm already using gpgtools. The problem is that most of the other people around do not use it.
The idea with the firewall is good. But as everything, it is not so easy. Unfortunately, I also need to contact to one mailserver which doesn't provide SSL. Nevertheless, I think you suggestion works fine for most of the people.
Thanks again!
Pucicu
-
1. thanky for your replies!
2. And yes, I'm already using gpgtools. The problem is that most of the other people around do not use it.
1. You're welcome.
2. It's a pity.
-
The idea with the firewall is good. But as everything, it is not so easy. Unfortunately, I also need to contact to one mailserver which doesn't provide SSL. Nevertheless, I think you suggestion works fine for most of the people.
The firewall rules do not have to be as simple as the example. You can specify the exact hosts to be blocked (or passed through).
-
I'm getting an error from Avast! when I try to check my email using Opera. It says that I'm getting an invalid/unknown SSL cert from imap.gmail.com.
I have Avast! set to use only SSL for "imap.gmail.com".
What should I do to correct this?
-
I'm getting an error from Avast! when I try to check my email using Opera. It says that I'm getting an invalid/unknown SSL cert from imap.gmail.com.
I have Avast! set to use only SSL for "imap.gmail.com".
What should I do to correct this?
You have to add the certificate of the certification authority that signed imap.gmail.com to the "System" keychain before adding imap.gmail.com to the SSL-only list as the certification authority is not in the "System Roots" keychain. The certificate you are searching for is Equifax Secure Certificate Authority and can be downloaded from http://www.geotrust.com/resources/root-certificates/ (http://www.geotrust.com/resources/root-certificates/)
-
I too get the annoying ssl pop ups. I use Postbox express with imap gmail.
I tried to resolve the problem using the tips I found here, moved the server
to keychain system, disabled ssl on Postbox, added server on avast advanced
setup, and several combinations of all the tips, but nothing,...
Postbox tries to access gmail but nothing... endless activity donut...
I finally turned everything back to the original setup and disabled avast mail shield.
I'm disappointed with the way Avast tries to tackle email protection, the solution
should be a simple drop in, you can't expect the users to start fiddling around with
system configuration options just to get Avast to work...
This is a -1 for you Avast, I'm keeping you around a while to see how everything
else works and hopefully you'll resolve the email problem with the next update !!
-
I too get the annoying ssl pop ups. I use Postbox express with imap gmail.
I tried to resolve the problem using the tips I found here, moved the server
to keychain system, disabled ssl on Postbox, added server on avast advanced
setup, and several combinations of all the tips, but nothing,...
If done the right way, it must work. The whole procedure in 3 steps:
- Download the Equifax Secure Certificate Authority certificate (http://www.geotrust.com/resources/root-certificates/ (http://www.geotrust.com/resources/root-certificates/)) and install it into your System keychain using the keychain utility
- Add imap.gmail.com (or pop.gmail.com for POP3) to the list of SSL-only servers in the avast! preferences
- Disable SSL in your mail client
If you still see error/warning popups, look into the system log
I'm disappointed with the way Avast tries to tackle email protection, the solution
should be a simple drop in, you can't expect the users to start fiddling around with
system configuration options just to get Avast to work...
There will probably be some automatic configuration in the future, but note, that the auto-configuration tool has to "play" with your security settings, so let it "somehow work" without knowing what is going on is not very recommended...
-
I'm confused, isn't turning off SSL bad? I want my messages secure.
-
I too get the annoying ssl pop ups. I use Postbox express with imap gmail.
I tried to resolve the problem using the tips I found here, moved the server
to keychain system, disabled ssl on Postbox, added server on avast advanced
setup, and several combinations of all the tips, but nothing,...
If done the right way, it must work. The whole procedure in 3 steps:
- Download the Equifax Secure Certificate Authority certificate (http://www.geotrust.com/resources/root-certificates/ (http://www.geotrust.com/resources/root-certificates/)) and install it into your System keychain using the keychain utility
- Add imap.gmail.com (or pop.gmail.com for POP3) to the list of SSL-only servers in the avast! preferences
- Disable SSL in your mail client
If you still see error/warning popups, look into the system log
I'm disappointed with the way Avast tries to tackle email protection, the solution
should be a simple drop in, you can't expect the users to start fiddling around with
system configuration options just to get Avast to work...
There will probably be some automatic configuration in the future, but note, that the auto-configuration tool has to "play" with your security settings, so let it "somehow work" without knowing what is going on is not very recommended...
I followed the above directions however I am still getting the popups saying "SSL certificate check faild - host: smtp.gmail.com". I am using mail.app with the latest version of avast for mac.
-
One of five email accounts will not work with Use SSL unchecked. It is an account from my web account at imhosted.com. "The server returned the error: The attempt to read data from the server “mail.<mywebsite>.com” failed." Any ideas?
-
I turned off the SSL in my apple mail thing like you guys said, but everytime I try to go into the preferences in Avast, when I get to the advanced menu in Mail Shield the whole preferences crashes, and it won't even let me send an error report. :(
-
when I get to the advanced menu in Mail Shield the whole preferences crashes, and it won't even let me send an error report. :(
This is a known bug that will be fixed in the next program update.
-
I am using iCloud as mail provider. As imap server iCloud uses: p02-imap.mail.com
I disabled SSL(Mail-accounts-advanced) and entered the server name into avast preferences. Works fine.
Now my question. In Mail(OSX included) I have no settings for the outgoing smtp server when using iCloud. When disabling SSL I suppose the outgoing smtp connection will be not encrypted anymore.
As Avast only checks the incoming traffic my outgoing mail will be insecure.
Is that true? Unencrypted outgoing mail is not what I want!
-
Hi all, first post regretfully...
I am also getting this error. All of my google accounts have SSL/TLS disabled, and yet for some reason it shows it as going forward as having it. I also have google's imap, and pop, and smtp in the Mail Shield -> Advanced -> SSL settings.
I am using Mail 5.2 and Lion 10.7.3... 16GB ram (soon to be 32GB), and half a Petabyte of HD space. 8TB on my computer alone. Yes I'm a geek...
I am using Avast Beta 7.0 (36454)... so just reporting in the bug...
-
I am using iCloud as mail provider. As imap server iCloud uses: p02-imap.mail.com
I disabled SSL(Mail-accounts-advanced) and entered the server name into avast preferences. Works fine.
Now my question. In Mail(OSX included) I have no settings for the outgoing smtp server when using iCloud. When disabling SSL I suppose the outgoing smtp connection will be not encrypted anymore.
As Avast only checks the incoming traffic my outgoing mail will be insecure.
Is that true? Unencrypted outgoing mail is not what I want!
ping
-
I am using iCloud as mail provider. As imap server iCloud uses: p02-imap.mail.com
I disabled SSL(Mail-accounts-advanced) and entered the server name into avast preferences. Works fine.
Now my question. In Mail(OSX included) I have no settings for the outgoing smtp server when using iCloud. When disabling SSL I suppose the outgoing smtp connection will be not encrypted anymore.
As Avast only checks the incoming traffic my outgoing mail will be insecure.
Is that true? Unencrypted outgoing mail is not what I want!
The avast! mailshield indeed only scans incoming mail (POP3, IMAP). Outgoing mail (SMTP) is not handled by the mailshield in any way, so there is no reason, any SMTP setting should be changed in your mail client. In other words - leave SSL enabled for SMTP in your mail client and everything will work fine.
-
I'm still getting the pop up thingys, even though I followed the procedure here. ????
-
How do l disable the SSL in Outlook for Mac?
Using Gmail.
-
How do l disable the SSL in Outlook for Mac?
Using Gmail.
Answered my own Q
Outlook
Preferences
Accounts
Then de-select SSL for the accounts.
Then went -
System
Avast
Mail Shield
Advanced
SSL
Then there is nothing there to select, it's blank.
(http://f.cl.ly/items/3k420i241K0I3I1K192K/System%20Preferences.png)
-
Having the same issue with Comcast mail server. I disable SSL in Mail, but when I go to the SSL window it won't let me add anything. If I need to maunally add the cert to the system keychain, where can I get it and how do I install?
I have to get this worked out as Comcast doesn't allow non SSL connections.
Really don't want to have to go back Sophos, but...
-
Hi all
Having the same issue really.
I have followed the instructions re Mac Mail for the SSL but am still getting the popup.
Also when I have web shield enabled, I cannot connect to the internet.
I am running OS Lion, with Safari and using a VPN programme as I am in the Middle East.
a question in 2 parts:
will the vpn affect the mail scans and
how do I configure Avast to allow internet connection using the VPN client
thanks in advance
-
@SPL889: You have to hit the 'Unlock Button' which allows you to make changes.
Everybody else:
1) I have a MAC, and am using MAC Mail Ver 5.2. AOL is my Mail Provider
2) I had this same problem, but I configured the settings, and now don't get the popup saying there is a SSL/TLS connection. But, I can't receive e-mails with SSL disabled Port 143.
3) I can receive e-mails with SSL enabled Port 993. what am I missing? And how do I insert a screenshot?
(http://)
-
Thank you @tumic
-
I've followed the above instructions and the annoying pop-ups have disappeared, but being an untechnical non-geek I have no idea whether my mail is now secure.
I don't recall this problem with earlier versions of avast! and I'm afraid that i consider that this is a backward step.
Yes, I know it's free, and very grateful I am for that, but surely the upgrade/installation should be either seamless or at least be fully explained in simple English and not in terms such as The SSL certificates required for the server authentication must be in one of the 'System Roots' or 'System' keychains before the server is added to the list which are pretty well meaningless to the technophobic user?
What happens when the current version "expires" and the application needs downloading and updating again (which has happened from time to time in the past) - will my Mail stop working because avast! has expired or perhaps continue to work but then not be secure? Will I have to reintroduce the SSL option in Mail preferences for the dozen accounts with two different providers which I run?
A good product but let down by this over complication - please make it easier for the non-dweeb!
MacOSX.6.8, Mail v4.5 (1084), 27" quad-core i7 iMac
-
So in the mail shield, I add all the IMAP server I connect to and it then obtains their IP addresses.
But what happens should the IP addresses change in the future? Will Avast automatically detect that
and modify that list?
-
So in the mail shield, I add all the IMAP server I connect to and it then obtains their IP addresses.
But what happens should the IP addresses change in the future? Will Avast automatically detect that
and modify that list?
Currently not, but it may be added in the future. But note, that IP address changes of mailservers are very rare, so it should not be such an issue.
-
It may be for folks who see different Ip addresses when inside/outside their company LAN (DNS returns different IP) or where the mail provider attempts to provide some level of 'global load balancing' by returning differenyt IPs (for different locations, or to direct traffic differently based on load)
-
Well, after changing the SSL settings as advised earlier, all the amber alerts disappeared.
However, when checking my email the following morning, I got a series of red alerts which said something along the lines that mail couldn't be collected because the servers needed SSL security - sorry, I was so hacked off that i didn't record the actual words.
Accordingly, I checked the SSL box for each mail account and downloaded my emails - but got the series of amber alerts yet again.
So, wanting neither a series of amber alerts or red alerts, which seem the only options, i've uninstalled avast! and will wait for a new version which hasn't tried too hard to be clever.
I'm not a geek, so I want a solution which will install and operate without any technical input (such as changing SSL settings when I don't have much real idea of what they are or what the implications may be) from me - like Sophos, clamXav or iAntivirus, all of which instal with little or no fuss.
Sorry avast!, this update seems a retrograde step to me.
-
Having the same issue as iBozz, I believe. SSL is disabled in Mail on all my incoming mailservers; I added these servers to the avast! mail shield SSL list.
The Gmail accounts I'm checking seem to be fine, but I get the following screen-full of warnings from other accounts:
(http://files.andraste.co.uk/avast-screenshot.jpg)
Meanwhile in /var/log/system.log I'm getting lines like:
Jun 7 18:15:48 xxxxx proxy[1506]: No common name matching host name (xxxxxxxx.outlook.com) found in peer certificate!
Jun 7 18:15:48 xxxxx proxy[1506]: Certificate verification failed: SSL_get_verify_result(): self signed certificate
Jun 7 18:15:50 xxxxx proxy[1506]: Certificate verification failed: SSL_get_verify_result(): unable to get local issuer certificate
So I guess I need SSL certificates and I need them to be in the right place. Where do I get the certificates from and where do I put them? As you can see, one account is trying to access a mail server that's running outlook (forgive me if some of my terminology is inaccurate here; this is not my area of expertise); there are four accounts that are associated with a website I have hosted by Dreamhost.
Any help much appreciated.
-
So I guess I need SSL certificates and I need them to be in the right place. Where do I get the certificates from and where do I put them?
The right place are the "System roots" and "System" keychains. For most servers, the certification authority certificate is already present in the "System Roots" keychain, if not, you have to import it to the "System" keychain. And where to get them? From the cryptographic point of view, you should obtain the certificate via a "trusted channel" like on a flash disk from the system administrator, but the common way is to download it from the certification authority website/mail server provider website. You can also get it directly from a connection to the server, for example by executing the command:
openssl s_client -connect your.mailserver.com:993
and storing the certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
as a .cer file.
Note, that there may be special tools for that if you are not familiar with the command line.
-
Many thanks for your reply. I took your advice and got hold of the certificates I needed by ssl-ing into the servers I needed through the command line.
Unfortunately, I think I'm falling foul of this problem: http://wiki.dreamhost.com/Certificate_Domain_Mismatch_Error (http://wiki.dreamhost.com/Certificate_Domain_Mismatch_Error)
While Dreamhost provides advice as to how to get around certificate domain mismatch errors, the other email providers I use aren't so helpful. In any case, changing the hostname in Mail for my Dreamhost-based email accounts didn't stop the error messages.
Your instructions were clear, and following them has given me an improved understanding of the problem, but until this gets considerably more straightforward to set up in avast, I have no option but to reinstate SSL on my accounts in Mail and turn off the avast mail shield.
-
changing the hostname in Mail for my Dreamhost-based email accounts didn't stop the error messages.
You have to put the correct hostname (the hostname that is in the server's certificate) to the avast mailshield preferences (and remove the old entry!). Changing the hostname in the client does not affect anything as the mailshield is now the component which is "doing" SSL/TLS.
-
Thank you; this helped. Since I haven't been able to establish the correct hostname for some of my accounts, I've left SSL on for them in Mail (so I get warnings), but my other accounts are being monitored correctly (I assume!) by the avast mail shield. It's a start!
-
The message is trying to say (the popup messages will be much more informative in the next beta release): "The avast! mailshield can not check your mail traffic because it is encrypted" and appears every time your mail client connects to the server. The solution is not to switch the popup verbosity to "errors and alerts only", but to disable SSL in your mail clients configuration and set it up in the avast! mailshield configuration.
This way the avast! mailshield will be able to check the mail traffic and your connection to the server will remain encrypted.
I downloaded the user manual
http://files.avast.com/files/documentation/quick-start-guide-v7-free-eng.pdf
to get more information about this and searched it for ssl, tls and mail (separately) and got zero hits.
I am wondering where I can find documentation on this? Thanks
-
Agreed; documentation on this matter is sorely lacking.
Gmail has spontaneously started giving me problems again:
(http://files.andraste.co.uk/images/avast/avast_warnings.jpg)
This is in spite of the following:
I have added imap.gmail.com to my SSL list in the mail shield preferences:
(http://files.andraste.co.uk/images/avast/avast_ssl.jpg)
I have deactivated SSL in Mail for my Gmail account:
(http://files.andraste.co.uk/images/avast/mail_settings.jpg)
And the Equifax certificate authority that I understand covers Gmail is in the System Roots in my Keychain:
(http://files.andraste.co.uk/images/avast/keychain.jpg)
I can only be doing something wrong, but what is it? Any help much appreciated.
-
I see that a reverse DNS on that gives
# hostx imap.gmail.com
imap.gmail.com CNAME gmail-imap.l.google.com
gmail-imap.l.google.com A 173.194.79.108
gmail-imap.l.google.com A 173.194.79.109
So I wonder if you need to put for the server gmail-imap.l.google.com rather than imap.gmail.com
and if that works it will solve my issue too...maybe
oops I see it might get even more complicated:
# hostx 173.194.79.108
Name: pb-in-f108.1e100.net
Address: 173.194.79.108
and
# hostx 173.194.79.109
Name: pb-in-f109.1e100.net
Address: 173.194.79.109
wonder how to tell what is on the SSL cert as the server name?
beats me!
-
Thanks, huanito; putting gmail-imap.l.google.com in my SSL list in the mail shield preferences actually got Gmail behaving again for me.
-
Dear all,
This is my first post, and I have registered just write this to hopefully help people out who were having the same prob as me; I'm in no way a technical noob but some of the descriptions on here did not explain enough for me, so here's my FULL explanation of how I got through this problem!!! Consider it an idiot's guide....
Firstly I'm using Apple's "Mail" as my client to access my emails from various hotmail/live accounts through POP3.
The Growl notifications that ket popping up "SSL/TLS Connection Detected....." etc etc mean that Avast has found an incoming connection that it can't scan. The reason it can't scan it is because you probably have SSL/TLS encryption set in your client to keep your emails secure. For Avast to scan emails you need to deactivate SSL in your client, and then tell Avast which servers you're using for email so it can scan them itself instead of your mail client. Until you do this you will get these pop ups every time your mail client refreshes your email inbox, so for me I got 3 pop ups every 5 mins. VERY ANNOYING!!!
So, to disable SSL in Mail do the following:
Go to Mail > Preferences, and here you'll find the list of your email accounts. Click on the Advanced tab and next to the box with your port number in make sure the "Use SSL" check box is empty. If you have more than one email account repeat this for each of them.
This has removed encryption from incoming mail, although apparently Avast doesn't scan your outgoing mail server (smtp). Do not worry though as SSL is still active on your smtp server in Mail and you can check this by:
Keep on the Accounts page in Preferences and click on the Account Information tab. On the "Outgoing Mail Server (SMTP)" drop down list click the bottom option "Edit SMTP Server List", and from here you can choose each server in the top of the window, select the Advanced tab in the bottom of the window and you'll see that "Use Secure Sockets Layer (SSL)" is ticked.
Good. We've turned off SSL on incoming mail, but still have it active on outgoing mail. Now all we need to do is tell Avast which incoming servers to scan.
FIRST...
In my "Keychain Access" I already had the passwords saved for my email accounts under the "login" section, but Avast needs them to be in either the "System Roots" or "System" section. I'm not sure what the difference is so I moved them to "System". To do this find the entries that look like pop3.something.something, mine are all pop3.live.com as all my accounts are with hotmail/live. You can simply drag them into the "System" section on the left, authenticate with your administrator password and they're moved. YOU MUST DO THIS BEFORE MOVING ON....!
SECOND...
Now we've moved the certificates to the appropriate place for Avast to find them we need to tell Avast what they're called.
Go to System Preferences, click on Avast, and under the "Shields" tab click the Advanced button next to the Mail Shield (if it's greyed out you need to click the padlock in the bottom left corner and authenticate with your password to make changes). Now click on the SSL tab and the list box should be empty. Click the "+" button and type your incoming server hostname i.e. "pop3.live.com" and click Add. (Note under the list it says your certificate should be in the System section of your Keychain BEFORE it's added to this list. This is the bit that stumped me for a while and why you have to move it before doing this step.)
And that should be it!
Not complicated, but if (like me) you found the "helpful descriptions" here not particularly helpful I hope I've explained it fully.
I've had my emails working fine for the past hour or so so I hope I've fixed it as I love Avast on my PCs and would like to have it behaving properly on my Macs too now.
Fingers crossed, and good luck everyone else!!
-
I would love to see the latest version of the software take care of this... I think with all the security patches that have come out as of late, I'd like to see this on the next version. I hate disabling the SSL/TLS connection. I run a company though my emails, and my system is ungodly locked down when it comes to security. I have m0n0wall, and many other things going through my network... before I see anything.
I love Avast, don't get me wrong, I enjoy the small footprint it offers, but I am getting annoyed at the lack of SSL/TLS connection support. It makes me worry about other things, such as when I am on my laptop out of my personal network... who can view my emails when using someone else's less secure networks... you can understand where I am coming from I hope.
-
I am getting annoyed at the lack of SSL/TLS connection support.
There must be some misunderstanding... Avast for Mac of course supports SSL/TLS in the mailshield. You just have to configure it (like in the Windows version) by disabling SSL in your mail client (one click in Apple mail) and adding the server in the avast! preferences (as simple as typing the servers name and clicking "Add").
-
Well, that wasn't easy to sort out. If you read this far through the thread, make sure that you do everything in the right order as specified by Tumic in his last post on page 2. In fact, I'd suggest that his post be moved to the start of the thread so that it is totally clear what to do to fix this problem.
Otherwise avast! for the Mac seems fine and there has been no noticeable impact on system performance, unlike any Windows AV software that I've ever tried.