Author Topic: Sad to see  (Read 8203 times)

0 Members and 1 Guest are viewing this topic.

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1883
    • AVAST Software
Re:Sad to see
« Reply #15 on: November 21, 2004, 05:41:37 PM »
Quote
I have created a rule that should allow the local host connection, but everytime i try to send/recieve mail, the firewall blocks it with this info

MSIMN.EXE   localhost:loopback   12110   MSIMN Localhost   0 Bytes   0 Bytes   0 bps   OUT REFUSED    16:29:12   03 sec(s)   localhost:loopback   TCP   1554   ---

BaNzI ;D

Blocked it would not be working. Believe me!

Move msimn.exe to your trusted apps. Or if you insist on rule, the one that's working for me is here:



Lukas

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1883
    • AVAST Software
Re:Sad to see
« Reply #16 on: November 21, 2004, 05:49:52 PM »
and with msimn and mailwasher between trusted apps:


Offline BanziBaby

  • Full Member
  • ***
  • Posts: 138
  • Zeppelin Fanatic
Re:Sad to see
« Reply #17 on: November 21, 2004, 05:58:42 PM »
@Lukor, in Outpost i have the Allow loopback global rule disabled (as advised by the outpost forum) If i clear the rules from both Mailwasher & OE, then run mailwasher, it asks for the same connection it asked U for, but if i allow it or create a rule allowing it, it fails to connect to my pop3 server usually with the error Unable to connect to host/unable to resolve host name, same with OE & that is with me allowing the ports it asks for.

Following Ur advice on setting it up manually, i only get one promt for a remote/local address of 127.0.0.1 which i allow & it then checks & downloads my email.

It a pity that the new way of checkin mail seems to be so problematic, i always kinda prefered the old 127.0.0.1 way of doing it, just seemed more secure & it worked.

@Lee, Outpost 1 free version is very old & its doubtfull it will ever be updated, as far as i know it isnt detected by the security centre whereas version 2.5 pro is.I do know i had major probs with the first version of 2.5 & went back to 2.1 till version 370 came out, not had any probs with it since (apart from avast.

Cheers :)

BaNzI ;D

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1883
    • AVAST Software
Re:Sad to see
« Reply #18 on: November 21, 2004, 06:13:21 PM »
I don't know Outpost pretty well, but from the short time I am now using it I have observed in several situations the error: unable to resolve host name - for perfectly correct remote hosts. (eg. when connecting to my VPN).  I also noticed logged "attack" in outpost logs. Then, for some time, Outpost blocks access to this remote host (perhaps as some confused anti-attack measure.) even if I later correctly add the required rule. Not even 'ping' or 'nslookup' was allowed.

Couldn't your problems stem from the same source? Eg. Outpost considering localhost:12110 - which is perfectly correct Internet Mail Provider's port - as a source of attack (due to your strict security settings) and then blocking for some time (don't know how long) access to this address (port) ?

I would also be very interrested to know if enabling "Localhost loopback" in global rules would solve your problem. Would you mind checking it?

In all cases, you can alway revert to the oldstyle mail scanning as I mentioned above.

Bye Lukas.




Offline BanziBaby

  • Full Member
  • ***
  • Posts: 138
  • Zeppelin Fanatic
Re:Sad to see
« Reply #19 on: November 21, 2004, 06:27:50 PM »
Lukor, i have been using outpost since version 2.0 & think it one of the best firewalls goin (specially compared to ZA)

U might have found the DNS cache plugin bug, a lot of folk asked about this at the outpost forum & it was recommended to disable it, i had probs with it myself till i disabled it.

The previous 2.5 version did have major probs with My Address attacks (127.0.0.1) i had lots of them just using firefox, when i got one i havd to unblock it & then close FF & reopen it to get it to do any browsing, since i installed version 2.5.370, i havent had anymore probs at all till i decided to try Avast again (it was these probs that made me move to NOD after all version of 4.5 didnt allow me to get my mail.

I am now using the OE rule U posted a screenie off & have added the same ports as U did both to OE & mailwasher & now finally it all seems to work using the new mail protection (i changed it back to the new way to try Ur advice.

I did try enabling the global allow loopback rule in the system settings & rebooted, but it didnt make any difference at all (i was still prompted to make a rule for locahost.

Many many thanks for Ur help Lukor & to others that posted, thanks to U it now seems sorted.I will trial it over the next couple of days to make sure everythin is ok & then move back to using the best AV out there :)

Cheers :)

BaNzI ;D

PS, i will post a link to this thread at the outpost forums incase anyone else has been having probs, im also a big enough man to admit i was wrong to blame avast when it looks like it was outpost's fault, so to Avast team a big sorry for thinkin it Ur prog at fault, & a big smack for outpost for not askin for the other ports :)
« Last Edit: November 21, 2004, 06:33:32 PM by BanziBaby »

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1883
    • AVAST Software
Re:Sad to see
« Reply #20 on: November 21, 2004, 06:42:46 PM »
Of course I meant that when asked, you would create the rule - or had you and yet Outpost asked again?

Anyway, I don't pretty understand why be so strict to guard every connection to/from localhost. It's all programs you are already running on your pc, some of them communicate with them selves via network (localhost) and other perhaps communicate by other means you know nothing about from your firewall. Localhost address is not accessible from anyother computer than yours.

But I'm happy to hear that it could be solved by configuring the firewall.

Good day.
Lukas.

Quote
U might have found the DNS cache plugin bug, a lot of folk asked about this at the outpost forum & it was recommended to disable it, i had probs with it myself till i disabled it.

Hmm, I think I'll be better uninstalling the whole think quickly  :P

Offline BanziBaby

  • Full Member
  • ***
  • Posts: 138
  • Zeppelin Fanatic
Re:Sad to see
« Reply #21 on: November 21, 2004, 10:03:00 PM »
Hi Lukor :)

Yee, when prompted i created a rule for it that included the 12110 that it asked for & allowed it, but in the network activity pane i could see both the localhost rule for mailwasher & OE was being blocked for some reason despite it being allowed, i was only prompted for port 12110 & even tried creating a rule with no ports soecified which should have allowed it access to any port/ports it needed.

The reason i have the global allow localhost rule unticked is it is advised to do so in the faq for creating a secure config at the outpost forums, if U use any kind of proxy, then it can be a security risk, the thread is located here http://www.outpostfirewall.com/forum/showthread.php?t=9858

When configured right, it is a very powerfull firewall, the default config for it can be a bit sparse, but then they have to make a default for non technical users :)

Quote
Hmm, I think I'll be better uninstalling the whole think quickly :P  


LOL, give it a try, U never know U might like it, the DNS cache plugin is just a bit flakey,but once disabled there no probs :P

Cheers again for all the help :)

BaNzI ;D