In & out email scans

[Miles]

Apparently something is missing in the instructions -- at least I couldn't find it and had to spend an hour testing different methods. Using WinXP, Thunderbird 2.0.10, ATT DSL-att/yahoo, & Avast 4.8.

Deleted AVG & installed AVAST. Pop server read 5100, no SSL, server 127.0.0.1.  Couldn't send a msg.  Changed it to ATT default: pop.att.yahoo.com, use SSL, 995 and could send/receive.  However, Avast is not scanning as proven by lack of txt msg at end of test emails.  Eventually changed it to port 110 & secure connection to never and that works.

Then for SMTP changed it from port 465, with SSL to port 25, no secure connection and that works!

Searched and searched help, tutorials, website and did not find the answer.  Finally got a clue from the forum where one inquired as to SeaMonkey.  Although it didn't completely provide the answer, it put me on the right track.  Interesting that the website reads that with version 4.5 no changes need be made -- and there is no mention of ports and security.    Without this information, the average user will be either not use Avast or will use it without full protection and not be aware.

[DavidR]

You were right to change it back to the normal server address as AVG didn't set it back.

However, avast in the current version can't scan SSL secure encrypted email, that is its purpose to keep out prying eyes out. Version 5.0 of avast should be able to cope with secure communication.

Changing the ports to the standard ports won't work if you also set it to use SSL, the same adding 995 and 465 to the respective redirects won't work either for the above reason avast can't scan encrypted email from the outside.

You would have to use a third party tool, STunnel to enable avast to scan the email either before it is encrypted or after decryption (and STunnel handles SSL communication).

See these topics, though it mentions gmail, the principle is the same
Gmail and Avast Providers
Redirecting multiple SSL accounts
Stunnel now comes as an installer which installs Open SSL and Stunnel so now you just have to download the installer version from here http://www.stunnel.org/download/binaries.html

[Miles]

Thanks for the reply. We can only hope that version 5 is not far into the future so that new users will not become frustrated attempting to set up, or will simply not be checking emails.  As for me, believe I'll wait for version 5 rather than installing for software and again changing the setup.   Any idea how long it will be before 5 is released?

[DavidR]

We are hoping that some of us will be able to start trialling the alpha version of it soon. But it is likely to be sometime in the 3rd quarter of the year for a final release, fingers crossed.

I believe att/Yahoo scan the emails at source, thought the usual common sense approach should stand you in good stead; don't open attachments in unsolicited emails (never open them directly from emails unsolicited or otherwise, save and scan); never click directly on links in unsolicited emails, etc. etc.

[Miles]

As mentioned in my 1st msg, I do have Avast working for both in and out msgs.
Thanks again,
Miles

[DavidR]

Sorry, I thought that att/Yahoo insisted on a using SSL secure email connection. If not no problem then.