Author Topic: Secure Mail Server Issues  (Read 80129 times)

0 Members and 1 Guest are viewing this topic.

Thom

  • Guest
Re:Secure Mail Server Issues
« Reply #30 on: December 04, 2004, 01:27:04 PM »
I take it this qualifies as proof that it's working?

-----------cut and pasted header------------

X-Envelope-To: <software@someisp.org>
Return-path: <apache@rs03.avast.com>
Received: from rs03.avast.com (67.15.62.22) by someisp.org (Mercury/32 v3.32) with ESMTP ID MG000166;
   4 Dec 04 05:12:43 -0700
Received: from rs03.avast.com (localhost.localdomain [127.0.0.1])
        by rs03.avast.com (8.12.11/8.12.11) with ESMTP id iB4CIWnB012848
        for <software@someisp.org>; Sat, 4 Dec 2004 13:18:32 +0100
Received: (from apache@localhost)
        by rs03.avast.com (8.12.11/8.12.11/Submit) id iB4CIW14012846;
        Sat, 4 Dec 2004 13:18:32 +0100
Message-Id: <200412041218.iB4CIW14012846@rs03.avast.com>
To: software@someisp.org
Subject: Topic reply: Re:Secure Mail Server Issues
From: "ALWIL Software Forums" <webadmin@asw.cz>
Date: Sat, 04 Dec 2004 12:18:32 +0000
X-Antivirus: avast! (VPS 0449-1, 12/02/2004), Inbound message
X-Antivirus-Status: Clean

-------------end cut and pasted header ------------

So, this might be a viable solution to what seems to be keeping many people other than me up in the middle of the night?

Thanks.

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #31 on: January 13, 2005, 10:42:17 AM »
I am a little confused here. It would be really nice to put in place a FAQ explaining how to configure MAILCLIENT+SPAMFILTER+AVAST+STUNNEL for getting and sending mail from a SSL server like GMAIL. GMAIL is invading the mail sphere and it would be a pity if Avast was not compatible with it :-(   

Such a configuration tunnelling through SSL, Anti-virus and Anti-spam is rather complex....

Thanks for your help!

Murat

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Secure Mail Server Issues
« Reply #32 on: January 13, 2005, 10:50:54 AM »
Have you any idea on how many spam filters there are? Explaining it in a faq would make the faq look like a very thick encyclopedia ;D

Avast does not support ssl.
« Last Edit: January 13, 2005, 12:53:29 PM by Eddy »

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #33 on: January 13, 2005, 12:50:22 PM »
Hi,

I am conscious that there are many mail clients and spam filters. this is why I do not precise anyone in particular. As far as I know, the general structure of the connections on this chain is quite generic and uses an articulation of different port numbers. What I am asking for is a generic structure of these server names (locahost, 127.0.0.1, distant mail host, etc.) and port numbers and not the specifi way in which this configuration is implemented in each particular client software... So I think that this should be possible with a little bit of abstraction about the specificities of each client... hoping that each user is able to implement the connection structure in his/her specific environement. Without the specificities of different clients, even the general connection structure is sufficiently complex to merit a FAQ item...Tell me if this is stupid....

Murat

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #34 on: January 13, 2005, 01:25:01 PM »
If a general information seems difficult to put together, let me expose my particular case.

I am trying to configure ThunderBird - Spamhilator-Avast-Stunnel pour GMail.

I have deactivated SSL everywhere leaving Stunnel  to take care of this.

IN TB I have the following account set :

Server name : localhost Port : 120 (listened by Spamhilator)
Username: localhost&myaccountname&11110 (port used by Stunnel)

In Avast.ini I have:
PopRedirectPort=110,1110,1120,11110

In Stunnel I have:

client=yes
[gmail-pop3s]
accept=localhost:11110
connect=pop.gmail.com:995

When I wheck my mail with this configuration, I can get mails but they are not checked by Avast (the note about cleanness is not introduced even if I ask for it in the configuration of the Mail Shield in Avast - I have stopeed and restarted it). I can also see the protection information in the header but only for the outgoing operation (I use another account without SSL to send the message to my gmail account and this simple account is scanned for the outgoing mail).

What am I doing wrong to have the scanning of the incoming mail?

Thank you very much in advance for your help.

Murat

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #35 on: January 13, 2005, 07:19:45 PM »
Is my question stupid too? I have not been able to locate a full explanation for such a configuration in these forums. So I really need your help to understand what I am doing wrong....

Murat

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Secure Mail Server Issues
« Reply #36 on: January 13, 2005, 07:25:18 PM »
Your question is not stupid at all, imo.
But your setup is very unusual. (the Stunnel part). Not much people know it or have experience with it, so it can take a couple of days before someone reads your question and is able to answer. Have a little patience I would say.

Does everything work if you leave Stunnel out of it?

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #37 on: January 13, 2005, 08:38:45 PM »
Thank you for assuring me Eddy,

I have added the STunnel part following the solution proposed in this thread. This seems necessary since Avast cannot filter an SSL connection and GMail pop requires an SSL connection. Before trying this solution I could connect SSL to GMail using Thunderbird but in this case I do not benefit from the protection provided by Avast and I would not like to live as dangerously as this :-(  So, following the suggestions of this list, I am trying to put Stunnel in charge of the SSL in order for Avast to be able to filter this flow before encryption and after decryption...  I can check my mail but it is not filtered by Avast for a reason that I do not undestand (I asked Avast to listen to the corresponding port but it does not seem to recognize it as a Pop flow....).

So I have thought that the people participating to this thread would be able to help me to solve this problem....

Murat

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Secure Mail Server Issues
« Reply #38 on: January 13, 2005, 09:07:10 PM »
Quote
I would not like to live as dangerously as this
I agree, better be protected than not being protected.

Quote
So I have thought that the people participating to this thread would be able to help me to solve this problem....
I'm sure there is someone who can help you in detail on this. As I said, be patience.

In the mean time,
- open the on-acces control panel
- go to the standard-shield provider
- click "customize"
- click "scanner (advanced tab)
- enable "scan created/modified files"
- and enable/check "all files" there

That will make sure that the files (emails are stored as files on your system) are scanned, till there is another solution.

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #39 on: January 14, 2005, 01:28:21 PM »
Thanks Eddy,

Knowing that all mails will nevertheless be checked by Avast is assuring. I hope that this will not slow too much my computer given all the mboxes that are modified each time I have several messages going in different mailboxes (each mailbox is a file under ThunderBird). So I would prefer to have a more standard solution but in the waiting, I feel more secured with this solution.

Thanks a lot!

Murat

yildi

  • Guest
Solved!!!
« Reply #40 on: January 14, 2005, 07:24:26 PM »
OK,

I think I have solved this problem. Here is my configuration:

I am trying to configure ThunderBird - Spamhilator-Avast-Stunnel pour GMail.

I have deactivated SSL everywhere leaving Stunnel  to take care of this.

IN TB I have the following account set :

Server name : 127.0.0.1 Port : 120 (listened by Spamhilator)
Username: 127.0.0.1&myaccountname&11110 (port used by Stunnel)
                                                                (11110 is the port that will be used by Stunnel)

In Avast.ini I have:
[MailScanner]
...
PopRedirectPort=110,1110,1120,11110   #(We ask Avast to listen to this port -11110 )
SmtpRedirectPort=25,215,225,1025,11025
IgnoreLocalhost=0

The last line was missing

In Stunnel I have:

client=yes
[gmail-pop3s]
accept=127.0.0.1:11110   #Here the error was localhost instead of 127.0.0.1
connect=pop.gmail.com:995

I get now in the bottom of messages from gmail:

---
avast! Antivirus: message Entrant propre.
Base de donnÚes des virus (VPS): 0502-3, 14/01/2005
Test du: 14/01/2005 19:23:18
avast! - copyright (c) 2000-2004 ALWIL Software.
http://www.avast.com

I think that this structure could be generalized to other clients... The parts that must be adapted are the port listened by the SPAM filer (120 for Spamhilator) and the codification of the server and user names and the port to listen (11110) for the SPAM filter and AVAST. The rest should be quite generic and transposable.

I need now to launch stunnel as a service (using stunnel -install)

Murat

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Solved!!!
« Reply #41 on: January 14, 2005, 07:34:30 PM »
I think that this structure could be generalized to other clients...

Very thanks for posting...
I'll try Stunnel again and see if I can get my GMail account.
I use Spami and avast too
Thanks  8)
The best things in life are free.

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #42 on: January 14, 2005, 07:42:38 PM »
I would like to know if this scheme is easy to transpose. So your expriemnt is important  :)
If you find that it works and it is easy to implement, we could propose it for the FAQ or for a sticky post....

Good luck :-)

Murat

yildi

  • Guest
Problems again...
« Reply #43 on: January 15, 2005, 01:03:04 PM »
Hi,

It seems that I have rejoiced too early... :-(

Yesterday evening everything seemt to work but this morning I cannot check my normal (non SSL) POP accounts...

The problem seems to be related to

IgnoreLocalhost=0

In Avast.ini

If  IgnoreLocalhost=0, I can check gmail through Avast but when I check my normal POP accounts I get an erronr message in TB:
"Sending of password did not succeed. Mail server 120.0.0.1 responded: -ERR Cannot connect to POP server 120.0.0.1 ( 120.0.0.1 :110), self connecting"
but I can check gmail and the mails are filtered by Avast

If  IgnoreLocalhost=1, I can check my mails in the normal accounts but I cannot check gmail.

So there seems to be a contradiction between these two operations...
I would like to be able to check both kind of accounts using different ports....

Does anybody any idea about what is going here and the possibility of a solution.... I really hope that this problem has a solution...

Thank you nin advance.

Murat

yildi

  • Guest
Re: Secure Mail Server Issues
« Reply #44 on: January 15, 2005, 02:16:40 PM »
Moreover this setting (IgnoreLocalhost=0) is necessary in order to use secure SMTP through GMail (through Stunnel again).

If I have IgnoreLocalhost=0, all connections through localhost:11110 (POP) and localhost:11025 (SMTP) works but the connection through 127.0.0.1:110 does give the error message of my preceding mail.

If I have  IgnoreLocalhost=1, I get just the inverse result...

It would be nice to have both type of connections workings without having to each time change avast.ini...

Murat