Jump to content

Recommended Posts

  • Administrators
Posted

Installation on Mac OS 11.1 is possible. Even if you get a warning that the OS is not supported, you can continue with the installation. The OS check will be updated as of the next version which is planned for Jan/Feb 21 and which will also add the firewall system extension.

As for ECS being listed twice, this is because it uses two extensions. Software with more extensions appears multiple times in this list.

As for issues with email, make sure that IMAPS and POP3S ports are not listed in the list of ports scanned by email protection. Only ports 110 and 143 should be in the list.

Posted
1 hour ago, Marcos said:

As for issues with email, make sure that IMAPS and POP3S ports are not listed in the list of ports scanned by email protection. Only ports 110 and 143 should be in the list.

These are the default settings:

Notification_Center.png.a5f3d6775c0f9f06af8e771e3097b98a.png

Are you saying the default settings are wrong?

  • Administrators
Posted
2 minutes ago, Martin A said:

Are you saying the default settings are wrong?

The next version will have them removed and only ports 143 and 110 will be in the list. For some reason it may cause issues on Big Sur even if the POP3S and IMAPS communication was not actually scanned.

Posted
3 minutes ago, Marcos said:

The next version will have them removed and only ports 143 and 110 will be in the list. For some reason it may cause issues on Big Sur even if the POP3S and IMAPS communication was not actually scanned.

Ergo, there is no email protection in Big Sur for secure ports?

Is this a feature removal?

  • Administrators
Posted
Just now, Martin A said:

Ergo, there is no email protection in Big Sur for secure ports?

Is this a feature removal?

SSL filtering has never been supported on Mac OS. It will be added in later v7 versions.

Posted
9 minutes ago, Marcos said:

SSL filtering has never been supported on Mac OS. It will be added in later v7 versions.

Email client protection is not actually protecting email clients using secure ports then?

Completely baffling given secure ports are listed by default; even deceptive one might argue.

And who uses insecure ports?  Not those interested about email client protection I imagine

So my takeaway is, users don't actually have the protection that the settings intimate they do, and this has been exposed due to changes in Big Sur which cause said protection that isn't there to crash?

In which case, is it that this has never worked, but this was only made evident due to the changes in Big Sur?  Did ESET think this was working but it wasn't?  Or did they always know but left the settings with secure ports listed by default anyway?

More questions than answers.

Please explain the logic here.

Posted

My Mac was running very sluggish this morning and I could see ESET taking up to 530% CPU.

Rebooting seems to have solved it but there definitely appears to be some sort of issue under the hood. 

Screenshot_14_01_2021__11_24.png

Posted
On 1/13/2021 at 5:10 PM, Martin A said:

In which case, is it that this has never worked, but this was only made evident due to the changes in Big Sur?  Did ESET think this was working but it wasn't?  Or did they always know but left the settings with secure ports listed by default anyway?

Is there an answer to this please?

  • Administrators
Posted

The SSL ports were added a long time ago probably together with the HTTPS port 443 which makes sense and partially enables url blocking for https websites even without support for SSL filtering.

Posted
11 minutes ago, Martin A said:

 Did ESET think this was working but it wasn't?

 

11 minutes ago, Martin A said:

Or did they always know but left the settings with secure ports listed by default anyway?

 

So am I to infer the second statement is true?

  • Administrators
Posted

My understanding is that developers didn't realized that adding IMAPS and POP3S ports to the list won't have the same benefits than adding the HTTPS port. For a long time it hadn't caused any issues until Big Sur. Another AV vendor notified us about the bug they found:

We at ... have detected the following issue in macOS BigSur. When MailShield is enabled and some other Network System extension app (Cisco AnyConnect VPN version 4.9, Little Snitch) is installed, Apple Mail stops working with IMAP properly. The issue lies in Apple’s libnetwork.dylib that is used by Apple Mail and Safari. This library starts logging some SSL handshake errors without any connections even arriving to our extension.

Our MailShield is built as an NETransparentProxy Network System Extension. Our tests show that the issue occurs even when we reject any incoming connections. Also the Network Extension in Cisco AnyConnect is dormant as only VPN is enabled. We have already checked that the same issue appears between ESET and CISCO. We did not check any other AV. We reported this to Apple a few months ago, but it was not fixed yet. We would like to ask you to check your solution and report similar bugs to Apple to hopefully push this forward a bit faster.

Posted

It is good Avast managed to track the issue down.

So, will SSL ever be supported for email client protection or is this a no-go?

  • Administrators
Posted

I've mentioned above or in another similar topic that SSL filtering is planned to be supported in future versions.

  • 3 weeks later...
  • Administrators
Posted

The issue with downloading email that occurred with SSL ports being in the list of scanned ports has been fixed in Big Sur 11.2.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...