hotmail/OE

[TheScorpion]

Hi,
Just recently decided to switch to Avast as my main AV as it appears a good basic AV program.
(AVG8 which I was using has decided to become too bloated, too many things and too problematic!)

I assume that any infection on incoming email will get zapped if it attempts to run even if the incoming email itself is not scanned as it arrives.
I noted that one of my accounts is indeed getting checked while the other two are not.
I use OE and have three accounts set up on it...

1. My main email addy is an SSL one  @my ISP. (I understand that Avast does not scan SSL. This is on ports 465, 995)

2. A second email address that is @my websitedomainname.com (This is being scanned. Ports 80, 110)

3. A third email Hotmail address @hotmail.com (there are no ports listed or SSL mentioned in the account menu for this one)

I was wondering, if it is possible in some way to configure the third account (hotmail address) to be checked  by Avast too and if so, how to go about configuring the settings.

Thanks for any advice.

[Lisandro]

@my ISP can use Stunnel to be scanned (http://forum.avast.com/index.php?topic=10428.0).

@hotmail.com are explained here: http://forum.avast.com/index.php?topic=13089
http://forum.avast.com/index.php?topic=13189

They are not a pop3 email service (unless you pay for pop service), it is web based (so the Internet Mail provider doesn't directly protect it). Web based email is simply your email being viewed in the same way you browser the internet. The pages (that display your email) are downloaded into your Temporary Internet folder, just like regular web pages and displayed on your browser screen.

The Standard Shield will scan your files (as they are downloaded into your Temporary Internet folder) when sensitivity is set to High. You can round this 'problem' using 3rd party applications to download the Hotmail messages through the pop3 server (PopHotmail, for instance).

[alanrf]

I am guessing that you either pay for your Hotmail account or it is a very old free account that has continued to be accessible via OE.  Either way by the end of June 2008 you will no longer be able to access the account as you do now. 

Microsoft is turning off support for the protocol (WebDav) that supports that type of Hotmail account. 

If it is a paid for account then you will be able to use secure POP & SMTP servers provided by Hotmail.  If it is a free account then you will have less choice.  Please see this post for more details.

If you do want to continue to use the Hotmail account in OE then your best bet is to use the free Hotmail to POP converter FreePops (but unfortunately it is for reading mail only and does not support sending)  The small advantage of FreePops is that avast will be able to scan the Hotmail messages as they enter OE.  All Hotmail to POP converters that relied on WebDav will cease to work. 

[TheScorpion]

Tech -thnx for the reply, I'll take a look at Stunnel.

Alanrf - thnx, you are right it is an old hotmail account - I don't pay to receive hotmail through OE. Wasn't aware that this free service was becoming defunct in June, thnx for the heads up.
Looks like I'd better start looking at 'Freepops' if I want to retain this feature, at least to be able to read the hotmails.

Overall though, do you consider it safe enough to not be concerned that email is not being scanned as it actually comes in? I suspect that as long as the program jumps on anything that subsequently tries to start, then that is probably good enough.
Thanks again for the responses.

[Lisandro]

Overall though, do you consider it safe enough to not be concerned that email is not being scanned as it actually comes in? I suspect that as long as the program jumps on anything that subsequently tries to start, then that is probably good enough.

Set the Standard Shield to High level in this case (it's not good for performance, but you need it for security). At least, never open a not-known email attachment.

[TheScorpion]

Thnks. Yes, I have it set to high.

Just found this re' the cut off of Hotmail/OE service that may be of itnterest - looks like a bit of a reprieve at least...

In mid-April, Microsoft announced plans to kill Outlook Express support for Windows Live Hotmail on June 30, 2008, and recommended that affected users use Windows Live Mail instead. Windows Mail, available only for Windows Vista, is the successor to Outlook Express, and Windows Live Mail, currently available for Windows XP and Windows Vista, is the successor to both.

Microsoft explained that the protocol Outlook Express uses to access Windows Live Hotmail, Distributed Authoring and Versioning protocol (DAV), is being replaced by DeltaSynch, which works more efficiently with large inboxes (Windows Live Hotmail offers 5GB for free). Microsoft said that DeltaSynch "support would require too many changes to the Outlook Express software," which has not been updated since Windows XP SP2 arrived in August 2004.

After sending an e-mail with the above information to Outlook Express users, Microsoft received many complaints about the plan to disable the DAV protocol. The Windows Live Hotmail Support Team has reacted to the feedback by delaying the inevitable: "From the feedback we received, it became clear that you needed additional time to evaluate alternative solutions and with this in mind, we are postponing the transition deadline previously announced. This means that you will continue to be able to access your Windows Live Hotmail accounts from Outlook Express beyond the June 30 transition deadline." The company did not provide a new deadline, but the team did promise "enough advance notice."
Further reading

[alanrf]

I believe that, as far as possible, prevention is better than cure. 

By that I mean it is better to keep problems out of your mail store or your disk store in the first place rather than have your antivirus product take steps to fix the problem that you may not like (like quarantining your whole mail file).

That being said, it is probable that your ISP (like most) is using a reputable antivirus scanner on all of your emails for you.   In that case avast is just an added layer of protection and I believe that the risk is much minimized. 

The avast team have advised that the function of managing secure email connections (that you would currently need STunnel to perform) will be provided within the next major release of avast.  This is expected (but not promised) by the end of the year. 

If you do want to try STunnel there are posts here with guidance and we can assist too.  If you take a look at FreePops and need any further help with that then please let me know.     

[alanrf]

Thanks for that, I had missed that update. 

They are probably too busy trying to decide whether to do the same extension for Windows XP.