Author Topic: SSL encrypted e-mails (Read 6075 times)

hake · « **on:** August 06, 2012, 04:31:28 PM »

AVG E-mail Scanner is able to scan SSL encrypted e-mails so why not Avast!? The e-mail account in question only offers SSL encrypted service and fortunately scans e-mails for malware at the server.

Pondus · « **Reply #1 on:** August 06, 2012, 04:37:50 PM »

no AV can scan SSL/TLS mail accounts....it would not be secure if they could...that is the point with SSL/TLS

but avast can if you sett it up correct

http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=842

and as you say, most of these have virus scanners on the mail server so the mail is already scanned before you recive it

DavidR · « **Reply #2 on:** August 06, 2012, 04:50:25 PM »

Quote from: hake on August 06, 2012, 04:31:28 PM

AVG E-mail Scanner is able to scan SSL encrypted e-mails so why not Avast!? The e-mail account in question only offers SSL encrypted service and fortunately scans e-mails for malware at the server.

Yes and No, is the answer.

In its raw state the SSL traffic is encrypted so can't be scanned (that after all the the whole point of the Secure Sockets Layer), yes it is probably possibly to scan the data stream in its encrypted form, but you are highly unlikely to detect anything as any virus signature wouldn't match the virus signature in encrypted data streams/form.

So you need to have a go between (as used to happen in avast5) or the email client has to allow the anti-virus program to handle the secure connection so that the email can be scanned prior to encryption (as in avast7)

Vladimyr · « **Reply #3 on:** August 06, 2012, 05:30:50 PM »

Quote from: DavidR on August 06, 2012, 04:50:25 PM

So you need to have a go between (as used to happen in avast5) or the email client has to allow the anti-virus program to handle the secure connection so that the email can be scanned prior to encryption (as in avast7)

I think DavidR means (as used to happen in avast4). avast! 5,6 & 7 have inbuilt SSL connection capability. Ive been using Thunderbird, IMAP, Googlemail, avast! MailShield combination since avast! 5 was released.

hake · « **Reply #4 on:** August 08, 2012, 09:18:43 AM »

Why cannot Mail Shield scan mails after they arrive and have been decrypted by the email client?

Vladimyr · « **Reply #5 on:** August 08, 2012, 10:32:40 AM »

Because the Mail Shield isn't the File Shield.

I see no reason why it couldn't, but the purpose of the MS is to intercept malware before it gets into the inbox archive of your email client.

If your food was being poisoned, would you prefer to find out as you went to put it in your mouth, or after you'd swallowed it?

hake · « **Reply #6 on:** August 08, 2012, 11:13:46 AM »

I would prefer to say that it is better to scan emails late than not at all.

The email service I use gives no choice. It is encrypted, period. The email service also scans for malware before letting me download it but I would prefer that I can also scan it.

Pondus · « **Reply #7 on:** August 08, 2012, 11:15:45 AM »

and what email service is that

if you look on the how to guide i posted above it tells you how to do it
you sett the mail client to normal no ssl/tls and then you sett the sll/tls connection in avast and let avast take care of the secure connection......then it can be scanned

also the file shield is running in the background 24/7 when computer is on, scanning all files that move in the computer. so when you play with the mail or attachment after download....the fileshield is on guard

Vladimyr · « **Reply #8 on:** August 12, 2012, 01:28:00 PM »

Quote from: hake on August 06, 2012, 04:31:28 PM

AVG E-mail Scanner is able to scan SSL encrypted e-mails so why not Avast!? The e-mail account in question only offers SSL encrypted service and fortunately scans e-mails for malware at the server.

I Just happened to be setting up AVG AV 2012.0.1913 with Thunderbird & GMail IMAP/SMTP today. There is no conceptual difference in the way avast!, AVG & ESET handle scanning of SSL email. In fact, AVG is the clunkiest and least transparently integrated of the three, still using "the good old" loopback IP 127.0.0.1, but it does support IMAP which is something that ESET doesn't.

hake · « **Reply #9 on:** September 17, 2012, 01:02:57 PM »

I looked up the knowledge base article and find that the latest Avast! (7.0.1466) seems to make some of that article obsolete. I use Outlook Express 6 with Windows XP. In setting up the SSL email handling in Outlook Express 6, I found that it is unnecessary to set the SMTP and POP ports and have left them in the default state. Avast! obviously detects SSL and automatically uses ports 465 and 995 in Mail Shield. Outgoing and incoming emails are scanned properly.

These observations might only apply to Outlook Express 6. I do not have the opportunity to try different contexts.

Author Topic: SSL encrypted e-mails (Read 6075 times)

hake

SSL encrypted e-mails

Pondus

Re: SSL encrypted e-mails

DavidR

Re: SSL encrypted e-mails

Vladimyr

Re: SSL encrypted e-mails

hake

Re: SSL encrypted e-mails

Vladimyr

Re: SSL encrypted e-mails

hake

Re: SSL encrypted e-mails

Pondus

Re: SSL encrypted e-mails

Vladimyr

Re: SSL encrypted e-mails

hake

Re: SSL encrypted e-mails