False positive warning on PGP/MIME-mails

[Patrick Schoenbach]

Hi,

whenever I get an encrypted mail in PGP/MIME-format (retrieved via IMAP), avast! warns me of a potential thread in the attachment.

[igor]

What's the exact message?

[Patrick Schoenbach]

What's the exact message?

In German:
"Stark verdächtige Erweiterung im Attachment"

[igor]

Sounds like e-mail heuristics. Try to customize the settings in the respective provider (Internet Mail or Outlook).

[Patrick Schoenbach]

Sounds like e-mail heuristics. Try to customize the settings in the respective provider (Internet Mail or Outlook).

I did, but was not able to stop it.

[igor]

What e-mail client do you use, what provider did you configure - and how?

[Patrick Schoenbach]

What e-mail client do you use, what provider did you configure - and how?

Client: Thunderbird 1.5.0.3 using the enigmail extension

Provider:
Internet Mail, medium security. I also tried the custom heuristics with everything switched off. It still happens. Probably, because at least one message part is of type "application/octet-stream".

[hron84]

Sounds like e-mail heuristics. Try to customize the settings in the respective provider (Internet Mail or Outlook).

I think it isn't a solution. Please add recognition of PGP header (plaintext) to heuristic scanner. This is a very-very old bug in avast!.