Author Topic: Avast reports email as threat but message is from four years ago  (Read 1807 times)

Offline tar1827

  • Newbie
  • Posts: 7
Avast shows a threat detected by an incoming email.  It puts the attachment into the virus chest.  Then just a few minutes later, it happens again.

Here's what seems strange to me:
1) the email was sent to me four years ago and the attachment is benign.
2) when I disable the email shields, no error is reported and this particular email does not arrive
3) when I re-enable the email shield, the errors begin again and repeat every few minutes
4) I also synchronize this email account with my android phone (no avast) and the phone does not receive this ancient email

I uninstalled Avast, wiped out all avast data from the hard drive, ran CCleaner to clean registry (did several reboots at appropriate times), then I installed a fresh copy of Avast 19.8.2393.  The problem started up again after the new installation was active.  I have been forced to deactivate email shield indefinitely so that I am not getting this threat announcement every few minutes.

I have searched for any indication that a recent email with this message header arrived in my Outlook, but it has not.  I have checked my email server logs to see if the message has passed through the email server in the last week, but it has not.  So the message is not really trying to be delivered, otherwise, my phone would get it or Outlook would get it while the shield is down and there would be a log entry on the server.  This email predates my current PC and my migration to Outlook, so when it was current, the email came in to Eudora on a different computer so I don't understand how it could be resurrected from 2014 either.  What is causing this phantom to make Avast believe a threat is occurring?  And more importantly to me, how do I fix this?

Thanks in advance!

This email keeps trying to come in; however, Avast blocks it.  I have analyzed the attachment and it is harmless.  The email is almost five years old.  It does not seem to be showing up when Avast is temporarily disabled--only when email shield is on.  What is causing this?
« Last Edit: October 16, 2019, 04:27:45 PM by tar1827 »

Offline lukor

  • Administrator
  • Super Poster
  • Posts: 1884
    • AVAST Software
Re: Avast reports email as threat but message is from four years ago
« Reply #1 on: October 16, 2019, 12:04:19 PM »
How do you download the email? POP3? IMAP? Is it possible that the mail is still in your mailbox but the mail client is not downloading it again since it already has seen it?

Offline HK

  • Avast team
  • Full Member
  • Posts: 133
Re: Avast reports email as threat but message is from four years ago
« Reply #2 on: October 16, 2019, 12:39:52 PM »
Hello tar1827,

Thank you for reporting the issue.
Could you please help us with the investigation by providing some data?

Please enable debug logging (Menu > Settings > General > Troubleshooting > Enable debug logging).
Reproduce the issue (start the Outlook client and wait until the message is received).

Create a support package (https://support.avast.com/en-eu/article/Submit-support-file) and post the ID here.

Thank you very much,
HK

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #3 on: October 16, 2019, 03:58:44 PM »
Quote from lukor: "How do you download the email? POP3? IMAP? Is it possible that the mail is still in your mailbox but the mail client is not downloading it again since it already has seen it?"

Thank you for your reply, Lukor.  I use IMAP and your theory was one that I shared; however, Outlook shouldn't see it in any history because I was using Eudora as my mail client back when the email came in and I did not migrate old emails to Outlook.  I was even using a different PC when I got that email.  Same goes for the Android Phone.  I have a different phone and email client now.  So IMAP wouldn't see it as already delivered to these devices.  At least that was my thinking when I posted.

I appreciate your interest.  I am going to try the troubleshooting log and see where that leads.  The whole thing is strange, but my decades of experience with computers assures me that there is some logical explanation that I don't see yet.

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #4 on: October 16, 2019, 04:56:12 PM »
Thanks for the assistance, HK.  I have followed the troubleshooting instructions.  Here is the File ID:
Z553D

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #5 on: October 22, 2019, 03:46:34 PM »
I don't want to seem impatient, but I am left to wonder if anything is happening with this.  I submitted the support package last week and have not gotten any response.  I have had to disable Avast Email Shield in order to be productive because otherwise I get interrupted by a dire warning every couple of minutes. Checking back here to this thread every day, I have seen no suggestions about how to deal with this problem.

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #6 on: October 28, 2019, 05:22:26 PM »
It has been nearly two weeks since I posted my original question.  Although I did submit the support package, nothing happened.  There appears to be no way to track a ticket or contact technical support directly unless you are a paid subscriber.  Since I have had no success going this route and since the problem still exists unless the shield is permanently disabled, I suppose my next step is to look for an alternative to Avast.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • Posts: 89057
  • No support PMs thanks
Re: Avast reports email as threat but message is from four years ago
« Reply #7 on: October 28, 2019, 06:37:42 PM »
I have tried to draw attention to your topic and support package ID.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #8 on: October 28, 2019, 08:08:12 PM »
Thank you, DavidR.  I appreciate your efforts.

Offline HK

  • Avast team
  • Full Member
  • Posts: 133
Re: Avast reports email as threat but message is from four years ago
« Reply #9 on: October 30, 2019, 11:12:21 AM »
Hi tar1827,

Please accept my apology for the late reply.

Looking at your support package, nothing suspicious was found except the fact that the mentioned message was not the only one that was requested/downloaded by your client. It looks like the whole mailbox was downloaded to your computer, where Outlook and Avast are running.

Do you use any other security software or Outlook plugin that might conflict with Avast? And would you know what IMAP software is running on your mail server (Dovecot, hMailServer...)?

Best regards,
HK

Offline tar1827

  • Newbie
  • Posts: 7
Re: Avast reports email as threat but message is from four years ago
« Reply #10 on: October 30, 2019, 04:40:14 PM »
Thanks, HK.  I only use Avast for anti-virus.  I also have Malwarebytes installed but it does not appear to have any features related to email, and I use it for scans on demand (nothing resident).  I am not aware of any Outlook add-ins that could be conflicting.  Honestly, until now I didn't know add-ins exist for Outlook.  I found the list and I cannot see anything in there that would seem to be causing a problem: MS Exchange, MS Sharepoint, Outlook Social Connector, and Send to Bluetooth.  I do see that an Avast Add-in is listed as "inactive" for some reason.  Finally, Windows Search Email Indexer is "disabled."  So I haven't gotten the impression that an add-in would be causing this.  Lastly, the hosting service uses Dovecot for IMAP.

I find your comment curious about the whole mailbox being downloaded because the emails on the host side that are in that folder do not appear in my Outlook client.  So if it was downloaded, I'm not sure where those emails are being put in the client.  Did you mean that the client is continually requesting this download to happen and perhaps it is failing?  That would be odd and clearly inefficient.