I'm inclined to think such a bypass would be OK for incoming if you enable Security->Anti-Virus->Allow anti-virus clients to quarantine individual incoming messages, check View->Message Body As->Plaintext, and uncheck View->Display Attachments Inline. I'd want to review Thunderbird's behavior WRT #1 and #2 #2 and #3 above and see if there are any Avast side issues before bypassing MailShield. I don't know how fine you would be Hamlet, because 1) I don't know how tightly configured, up to date, etc your provider's email scanner is (relative to Avast's), and 2) I've never tried to get to the bottom of Avast email protection when using Thunderbird with and without MailShield in the path. However, email server certificate issues can occur and I have in the past heard of Avast not catching some.
There shouldn't be any certificate issues to begin with and thus you shouldn't get any warnings from either.
So anyone who isn't comfortable checking those settings in Thunderbird or Avast should do some reading, etc to become comfortable and/or have someone go over that with them.Īs for the certificate checks, one thing you can do is compare what if any certificate warnings Thunderbird gives you to what if any certificate warnings Mailshield gives you.
Avast blocking thunderbird mail software#
Some software has autoconfiguration support, but that can result in settings that aren't quite right. IMO the user has to double check their email server settings no matter what. There are certificate related checks, warnings, etc that are part of establishing a secure connection.
If you rely upon Avast to scan your email in this way you should carefully check its mail related settings and also test its strength in terms of handling secure connections properly. If your email client is configured to pass things in the clear and for whatever reason Avast doesn't translate things to a secure connection or block the connection attempt, you will leak those credentials and then have to change them immediately. So you have to be careful about configuring and enabling/disabling things. You don't want login credentials to leave your machine in the clear and touch an untrusted network. With Avast Mail Shield you don't configure Avast to use specific login credentials it expects them to be passed in the clear by the email client. Such redirection causes problems for some firewalls/OS combos (the Comodo Firewall/Windows7, etc scenarios) though. #1, at least when it is forced by lower level redirection to a local proxy, can grab traffic without the email client's cooperation and in that sense has an advantage I think. There are surely some email clients which don't attempt to call upon an AV and which AV programs don't or can't hook themselves into. #2 can be problematic unless the email client uses a well known API to call upon registered scanners or the AV program is aware of your email client's special approach to that. Other email clients may not and there are likely some that don't assure file system activity before processing incoming or sending outgoing IIRC, Thunderbird has a setting related to this. #3 can be problematic unless the email client cooperates by writing emails to disk and then reading them back. There are several ways a local AV program could have a look at email:ġ) Inserting itself as a proxy between the email client and serverĢ) Being directly or indirectly called upon by the email client via virus scanning APIsģ) Being triggered by the email client's file system activity
0 kommentar(er)
