Author Topic: Avast not compatible with SSL ?  (Read 5105 times)

0 Members and 1 Guest are viewing this topic.

mrfreeze

  • Guest
Avast not compatible with SSL ?
« on: February 15, 2005, 05:03:58 PM »
Hi,

since I ve install avast! lastest version (home ed), i m not able to send email who need a SSL secure connexion (with outlook express 6.0, XP SP2)

I v stop the service Internet, outlook and email protection and it works find now but how about my protection ? If i received a virus in my email box, am i protect ?

(sorrry for the poor english it is not my native language)

Thks for the answer

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9408
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Avast not compatible with SSL ?
« Reply #1 on: February 15, 2005, 05:06:34 PM »
SSL Secure Connections cannot be checked by AV (this applies to all AVs,not just avast!).
MS Outlook/Exchange provider is exception.
Visit my webpage Angry Sheep Blog

mrfreeze

  • Guest
Re: Avast not compatible with SSL ?
« Reply #2 on: February 15, 2005, 05:10:18 PM »
ok,

and if a continu with this configuration (internet/outlook/email protection OFF) am i correctly protect ?

thks

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9408
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Avast not compatible with SSL ?
« Reply #3 on: February 15, 2005, 05:36:32 PM »
Technically Standard Shield is a last resort protection layer.
Anything that could get past Internet Mail scanner would be most probably detected by Standard Shield. So if you use only Standard Shield you should be fine too.

Warnings about malware in emails will be displayed when you'll try to open attachements (instead when downloading mails). You also won't have special mail heuristics. But thats pretty much all.
If you really have to use SSL(and you don't have any other mail accounts),then you can remove Internet Mail provider and rely only on Standard Shield.
Should be enough imo. I'm using only Network Shield,Standard Shield and Web Shield just because i use GMail as mailbox and it also requires SSL and TLS.
But on the other hand i'm accessing it through web browser (Web SHield keeps it safe :) )...
Visit my webpage Angry Sheep Blog

sded

  • Guest
Re: Avast not compatible with SSL ?
« Reply #4 on: February 15, 2005, 06:19:32 PM »
Many of us have been able to get Avast! to work with SSL email (at least on receive) by using Stunnel and following the instructions in the thread  http://forum.avast.com/index.php?topic=8775.45.  I have been able to set up Outlook Express 6.0 SP2 as well as Thunderbird and Mailwasher for receive with Avast! virus scanning active.  ISP actually uses TLS (not SSL)  for secure SMTP (note SSL in OE is actually TLS,  port 25, not 465 is used) and I haven't been able to figure out how to make Stunnel talk TLS to the ISP SMTP server, although the OpenSSL library says it supports it.  Maybe someone else has?  So I have the SMTP virus scanning turned off and the POP3 virus scanning turned on, and all works well-I am not really concerned about outbound virii anyway.  Give it a try.

lee16

  • Guest
Re: Avast not compatible with SSL ?
« Reply #5 on: February 15, 2005, 06:24:08 PM »
I'm probably wrong here, but if avast had the (PGP keys?) to the SSL/TSL, it could unencrypt it and scan it, sort of the same way it would unpack and then scan an archived file?

--lee

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11865
    • AVAST Software
Re: Avast not compatible with SSL ?
« Reply #6 on: February 15, 2005, 11:16:33 PM »
Well, the possible model would be avast! communicating with the server using SSL/TLS and the e-mail client communicating with avast! in plaintext (i.e. the client couldn't have SSL option enabled, even though the real network communication would be encrypted).

sded

  • Guest
Re: Avast not compatible with SSL ?
« Reply #7 on: February 15, 2005, 11:53:16 PM »
Yes; it would certainly be more convenient to have the SSL/TLS functions in Avast! instead of using Stunnel.  Specific problem being addressed is the proliferation of public WiFi hotspots and the uneasiness about logging into email accounts without encryption in that environment.  Previously I simply used the SSL/TLS receive/send capabilities within Thunderbird and gave up on virus scanning.  With Avast and Stunnel the scanning capability is retained on receive with SSL, and is certainly less important on send with TLS.  And apparently does work on mail systems actually using SSL with SMTP.  A good FAQ topic, at least.