Author Topic: Port intercepts, other software & Hotmail  (Read 4716 times)

0 Members and 1 Guest are viewing this topic.

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Port intercepts, other software & Hotmail
« on: May 02, 2005, 08:57:49 AM »
A number of Avast users have reported that, coincident with upgrading to the current 4.6.652 release of Avast, they are experiencing problems in accessing Hotmail (and Lycos) from Outlook Express. 

Some have reported they cannot retrieve mail at all, others that mail retrieval has become remarkably slow.  None has, so far, reported any problem with sending mail from Outlook Express to Hotmail or Lycos (which may be interesting since the same protocol is used for sending and receiving). 

Before any readers of this post start thinking of POP3/SMTP and Internet Mail Provider then let's be clear it has nothing to do with any of those. 

The common factor here is a protocol called HTTP-DAV (also known as WedDav).  This is method by which mail is sent to/from the Webmail server of Hotmail (and Lycos) by Outlook Express (and Outlook - versions greater than 2000).  Because HTTP-DAV is a variant of HTTP the provider getting involved is Webshield.  The users experiencing the problem report that turning off Webshield restores their access to Hotmail. 

My interest was aroused since just at the start of these problems I had begun testing the use of HTTP-DAV as an access method for Hotmail - specifically for other mail clients than Microsoft's products. 

I have experienced no problem with accessing Hotmail accounts using HTTP-DAV from Outlook Express.  I have also tested with a third party HTTP-DAV to POP3/SMTP to HTTP-DAV converter called Hotmail Popper (even configuring to have Avast scan the POP3/SMTP elements of these streams) without any problem.

If you have read this far then you are probably wondering what the point of this thread is - please bear with me I am coming to it. 

The HTTP-DAV connection was fast enough that it seemed to me that the Webshield did not intercept the HTTP-DAV traffic to Hotmail (which connects like other HTTP traffic on port 80). 

So, I used a trace utility to trace the HTTP-DAV connections to be sure.  In the case of Hotmail Popper I found that Webshield did not intercept the traffic.  This is not a suprise given Avast's present "Optin" policy for HTTP interception. 

However, with Outlook Express the trace utility showed that Webshield does intecept the HTTP-DAV traffic to Hotmail.

Now (sorry it took a while) I come to the concern. 

Using the trace utility creates a reproducible condition in which Outlook Express and Webshield have looped port connections.  I have not left them going long enough to see if either finally terminates the condition.  Even if I then close the trace and Outlook Express any subsequent evocation of Outlook Express leads to the looped ports between OE and Webshield again.  Hotmail cannot be accessed until I restart my system.

If I run my system without Avast intercepting port 80 then the trace utility and Outlook Express play nicely, the trace is produced and Hotmail is accessed without any problem. 

The trace utility I was using is TDImon from SysInternals.  As its name suggests it claims to work at the transport driver interface. 

I am not suggesting, in this case, anything other than the trace program is the cause of the problem.  It just reminded me that there seem to be an increasing number of products that are using port intercepts out there. I am certainly aware of some so called "accelerators" provided by dial up ISPs that intercept port 80. 

So to my main question.  Is there an established "protocol" when multiple products wish to use intercepts for a given port - who takes priority, do they conflict or cooperate etc.?

While there may well be and probably are other factors involved in the problems some Hotmail/OE users are experiencing with the latest Avast update it seems that issues like this are probably out there waiting to bite us. 

Any thoughts from the Avast team on the general intercept issue?

Any update on Hotmail?