Win 7 x64 SP1, Avast 6.0.1289
Now that I have my Win 7 firewall outbound rules set up, I am getting this strange outbound firewall alert from port 143 at boot time. Is this OK to allow? I don't use any e-mail except ISP based e-mail.
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 10/20/2011 3:31:57 PM
Event ID: 5157
Task Category: Filtering Platform Connection
Level: Information
Keywords: Audit Failure
User: N/A
Computer: Don-PC
Description:
The Windows Filtering Platform has blocked a connection.
Application Information:
Process ID: 4
Application Name: System
Network Information:
Direction: Outbound
Source Address: fe80::2401:1c51:9da4:dbc4
Source Port: 143
Destination Address: ff02::16
Destination Port: 0
Protocol: 58
Filter Information:
Filter Run-Time ID: 129197
Layer Name: Connect
Layer Run-Time ID: 50
Event Xml:
<Event xmlns="
http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>5157</EventID>
<Version>1</Version>
<Level>0</Level>
<Task>12810</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2011-10-20T19:31:57.106526900Z" />
<EventRecordID>28175</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="60" />
<Channel>Security</Channel>
<Computer>Don-PC</Computer>
<Security />
</System>
<EventData>
<Data Name="ProcessID">4</Data>
<Data Name="Application">System</Data>
<Data Name="Direction">%%14593</Data>
<Data Name="SourceAddress">fe80::2401:1c51:9da4:dbc4</Data>
<Data Name="SourcePort">143</Data>
<Data Name="DestAddress">ff02::16</Data>
<Data Name="DestPort">0</Data>
<Data Name="Protocol">58</Data>
<Data Name="FilterRTID">129197</Data>
<Data Name="LayerName">%%14611</Data>
<Data Name="LayerRTID">50</Data>
<Data Name="RemoteUserID">S-1-0-0</Data>
<Data Name="RemoteMachineID">S-1-0-0</Data>
</EventData>
</Event>