Author Topic: Double Pop3 scanning on upgrade  (Read 2660 times)

0 Members and 1 Guest are viewing this topic.

redmond

  • Guest
Double Pop3 scanning on upgrade
« on: December 04, 2004, 06:50:36 PM »
This is really a "ini" file question.

I had Avast proxy chained with a mail filter set to port 1123. When the 4.5 updates came through I started getting many double warnings on infected / suspicious mail. (which I thought was a bug).

Today it dawned on me that the mail was getting double scanned once on port 110 and again on 1123.

I like it scanning on port 110 and simply reset my "ini" file to the default as posted in the "ini" file thread and changed all the entries in my mail client (12+ email accounts).

However, If I had not wanted too, could I have turned off the port 110 scanning?

My "ini" file looked like this during the double scanning:

[MailScanner]
DefaultPopServer=127.0.0.1:123
DefaultSmtpServer=127.0.0.1:123
ShowTrayIcon=1
UseDefaultSmtp=0
AutoSetProtection=0
PopListen=127.0.0.1:1123
SmtpListen=127.0.0.1:25
ImapListen=127.0.0.1:143

RD

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re:Double Pop3 scanning on upgrade
« Reply #1 on: December 04, 2004, 07:56:46 PM »
Which port does your email client listen? I mean, your email program downloads messages at which port?

If it uses the 110, and you have Windows XP, the new email detection will listen the 110 traffic too. Double scanning (maybe?).
Can't you change your email accounts to 1123?
Why your default pop3/smtp server into avast are on 123?
The best things in life are free.

redmond

  • Guest
Re:Double Pop3 scanning on upgrade
« Reply #2 on: December 04, 2004, 08:52:34 PM »
I should have said WinXP SP2.

I had Mail Client >>Into Popfile (Mail classification) localhost port 123 >>Into Avast localhost port 1123>> To external pop server port 110.

I wanted Avast to scan first when entering the local computer as catching a virus where popfile stores messages could/has locked popfile. This setup worked fine for around a year. It still worked after the 4.5 upgrade, but I got double warnings.

After I reset the avast.ini and the mail client settings (for popfile only) everything works fine.

My question is for other popfile users who have a similar setup based on documentation on that site (who do not want to reset their mail client settings) if there is a way to get Avast 4.5 not to scan on port 110.

There is no question that the automatic upgrade caused double mail scanning when setup like mine. I wanted to alert you to the fact that someone setup for "proxy chaining" can get double scanning. I also wanted your input before I go change the popfile document.

cheers,

rd

Offline lukor

  • Administrator
  • Super Poster
  • ***
  • Posts: 1884
    • AVAST Software
Re:Double Pop3 scanning on upgrade
« Reply #3 on: December 04, 2004, 09:37:26 PM »
you can control avast behavior with these .ini file settings:

AutoRedirect=1
IgnoreLocalhost=1
PopRedirectPort=110
SmtpRedirectPort=25
ImapRedirectPort=143

Specificaly if you wanted to disabled port 110 and scan POP3 on 1123, change the line

PopRedirectPort=1123.

On the other hand, when you would setup all your mail clients (including 'Popfile') "as if avast! is not installed", that is:

Outlook Express -> PopFile at localhost:123 -> pop3.domain.net:110 -> (avast! transparent scanner) -> pop3.domain.net:110

you wouldn't get a double scan. Your connections would be scanned just when they leave you PC - that is the communication between PopFile and the POP3 server on the internet.

redmond

  • Guest
Re:Double Pop3 scanning on upgrade
« Reply #4 on: December 05, 2004, 12:23:04 AM »
excellent!

That is what I needed to know!

cheers,

rd