Author Topic: "SSL/TLS Connection Detected" alert always flashing on screen, won't go away  (Read 83062 times)

0 Members and 1 Guest are viewing this topic.

bwown

  • Guest
Dear all,

This is my first post, and I have registered just write this to hopefully help people out who were having the same prob as me; I'm in no way a technical noob but some of the descriptions on here did not explain enough for me, so here's my FULL explanation of how I got through this problem!!! Consider it an idiot's guide....

Firstly I'm using Apple's "Mail" as my client to access my emails from various hotmail/live accounts through POP3.

The Growl notifications that ket popping up "SSL/TLS Connection Detected....." etc etc mean that Avast has found an incoming connection that it can't scan. The reason it can't scan it is because you probably have SSL/TLS encryption set in your client to keep your emails secure. For Avast to scan emails you need to deactivate SSL in your client, and then tell Avast which servers you're using for email so it can scan them itself instead of your mail client. Until you do this you will get these pop ups every time your mail client refreshes your email inbox, so for me I got 3 pop ups every 5 mins. VERY ANNOYING!!!

So, to disable SSL in Mail do the following:

Go to Mail > Preferences, and here you'll find the list of your email accounts. Click on the Advanced tab and next to the box with your port number in make sure the "Use SSL" check box is empty. If you have more than one email account repeat this for each of them.

This has removed encryption from incoming mail, although apparently Avast doesn't scan your outgoing mail server (smtp). Do not worry though as SSL is still active on your smtp server in Mail and you can check this by:

Keep on the Accounts page in Preferences and click on the Account Information tab. On the "Outgoing Mail Server (SMTP)" drop down list click the bottom option "Edit SMTP Server List", and from here you can choose each server in the top of the window, select the Advanced tab in the bottom of the window and you'll see that "Use Secure Sockets Layer (SSL)" is ticked.

Good. We've turned off SSL on incoming mail, but still have it active on outgoing mail. Now all we need to do is tell Avast which incoming servers to scan.

FIRST...

In my "Keychain Access" I already had the passwords saved for my email accounts under the "login" section, but Avast needs them to be in either the "System Roots" or "System" section. I'm not sure what the difference is so I moved them to "System". To do this find the entries that look like pop3.something.something, mine are all pop3.live.com as all my accounts are with hotmail/live. You can simply drag them into the "System" section on the left, authenticate with your administrator password and they're moved.  YOU MUST DO THIS BEFORE MOVING ON....!

SECOND...

Now we've moved the certificates to the appropriate place for Avast to find them we need to tell Avast what they're called.

Go to System Preferences, click on Avast, and under the "Shields" tab click the Advanced button next to the Mail Shield (if it's greyed out you need to click the padlock in the bottom left corner and authenticate with your password to make changes). Now click on the SSL tab and the list box should be empty. Click the "+" button and type your incoming server hostname i.e. "pop3.live.com" and click Add. (Note under the list it says your certificate should be in the System section of your Keychain BEFORE it's added to this list. This is the bit that stumped me for a while and why you have to move it before doing this step.)

And that should be it!

Not complicated, but if (like me) you found the "helpful descriptions" here not particularly helpful I hope I've explained it fully.

I've had my emails working fine for the past hour or so so I hope I've fixed it as I love Avast on my PCs and would like to have it behaving properly on my Macs too now.

Fingers crossed, and good luck everyone else!!

MattRidge

  • Guest
I would love to see the latest version of the software take care of this... I think with all the security patches that have come out as of late, I'd like to see this on the next version. I hate disabling the SSL/TLS connection. I run a company though my emails, and my system is ungodly locked down when it comes to security. I have m0n0wall, and many other things going through my network... before I see anything.

I love Avast, don't get me wrong, I enjoy the small footprint it offers,  but I am getting annoyed at the lack of SSL/TLS connection support. It makes me worry about other things, such as when I am on my laptop out of my personal network... who can view my emails when using someone else's less secure networks... you can understand where I am coming from I hope.

Offline tumic

  • Avast team
  • Advanced Poster
  • *
  • Posts: 723
I am getting annoyed at the lack of SSL/TLS connection support.

There must be some misunderstanding... Avast for Mac of course supports SSL/TLS in the mailshield. You just have to configure it (like in the Windows version) by disabling SSL in your mail client (one click in Apple mail) and adding the server in the avast! preferences (as simple as typing the servers name and clicking "Add").

Moise

  • Guest
Well, that wasn't easy to sort out.  If you read this far through the thread, make sure that you do everything in the right order as specified by Tumic in his last post on page 2.  In fact, I'd suggest that his post be moved to the start of the thread so that it is totally clear what to do to fix this problem.

Otherwise avast! for the Mac seems fine and there has been no noticeable impact on system performance, unlike any Windows AV software that I've ever tried.