Administrators Marcos 5,074 Posted January 13, 2021 Administrators Share Posted January 13, 2021 Installation on Mac OS 11.1 is possible. Even if you get a warning that the OS is not supported, you can continue with the installation. The OS check will be updated as of the next version which is planned for Jan/Feb 21 and which will also add the firewall system extension. As for ECS being listed twice, this is because it uses two extensions. Software with more extensions appears multiple times in this list. As for issues with email, make sure that IMAPS and POP3S ports are not listed in the list of ports scanned by email protection. Only ports 110 and 143 should be in the list. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 13, 2021 Share Posted January 13, 2021 1 hour ago, Marcos said: As for issues with email, make sure that IMAPS and POP3S ports are not listed in the list of ports scanned by email protection. Only ports 110 and 143 should be in the list. These are the default settings: Are you saying the default settings are wrong? maverickws 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 13, 2021 Administrators Share Posted January 13, 2021 2 minutes ago, Martin A said: Are you saying the default settings are wrong? The next version will have them removed and only ports 143 and 110 will be in the list. For some reason it may cause issues on Big Sur even if the POP3S and IMAPS communication was not actually scanned. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 13, 2021 Share Posted January 13, 2021 3 minutes ago, Marcos said: The next version will have them removed and only ports 143 and 110 will be in the list. For some reason it may cause issues on Big Sur even if the POP3S and IMAPS communication was not actually scanned. Ergo, there is no email protection in Big Sur for secure ports? Is this a feature removal? maverickws 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 13, 2021 Administrators Share Posted January 13, 2021 Just now, Martin A said: Ergo, there is no email protection in Big Sur for secure ports? Is this a feature removal? SSL filtering has never been supported on Mac OS. It will be added in later v7 versions. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 13, 2021 Share Posted January 13, 2021 9 minutes ago, Marcos said: SSL filtering has never been supported on Mac OS. It will be added in later v7 versions. Email client protection is not actually protecting email clients using secure ports then? Completely baffling given secure ports are listed by default; even deceptive one might argue. And who uses insecure ports? Not those interested about email client protection I imagine So my takeaway is, users don't actually have the protection that the settings intimate they do, and this has been exposed due to changes in Big Sur which cause said protection that isn't there to crash? In which case, is it that this has never worked, but this was only made evident due to the changes in Big Sur? Did ESET think this was working but it wasn't? Or did they always know but left the settings with secure ports listed by default anyway? More questions than answers. Please explain the logic here. maverickws 1 Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 14, 2021 Share Posted January 14, 2021 My Mac was running very sluggish this morning and I could see ESET taking up to 530% CPU. Rebooting seems to have solved it but there definitely appears to be some sort of issue under the hood. maverickws 1 Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 18, 2021 Share Posted January 18, 2021 On 1/13/2021 at 5:10 PM, Martin A said: In which case, is it that this has never worked, but this was only made evident due to the changes in Big Sur? Did ESET think this was working but it wasn't? Or did they always know but left the settings with secure ports listed by default anyway? Is there an answer to this please? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 18, 2021 Administrators Share Posted January 18, 2021 The SSL ports were added a long time ago probably together with the HTTPS port 443 which makes sense and partially enables url blocking for https websites even without support for SSL filtering. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 18, 2021 Share Posted January 18, 2021 11 minutes ago, Martin A said: Did ESET think this was working but it wasn't? 11 minutes ago, Martin A said: Or did they always know but left the settings with secure ports listed by default anyway? So am I to infer the second statement is true? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 18, 2021 Administrators Share Posted January 18, 2021 My understanding is that developers didn't realized that adding IMAPS and POP3S ports to the list won't have the same benefits than adding the HTTPS port. For a long time it hadn't caused any issues until Big Sur. Another AV vendor notified us about the bug they found: We at ... have detected the following issue in macOS BigSur. When MailShield is enabled and some other Network System extension app (Cisco AnyConnect VPN version 4.9, Little Snitch) is installed, Apple Mail stops working with IMAP properly. The issue lies in Apple’s libnetwork.dylib that is used by Apple Mail and Safari. This library starts logging some SSL handshake errors without any connections even arriving to our extension. Our MailShield is built as an NETransparentProxy Network System Extension. Our tests show that the issue occurs even when we reject any incoming connections. Also the Network Extension in Cisco AnyConnect is dormant as only VPN is enabled. We have already checked that the same issue appears between ESET and CISCO. We did not check any other AV. We reported this to Apple a few months ago, but it was not fixed yet. We would like to ask you to check your solution and report similar bugs to Apple to hopefully push this forward a bit faster. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 18, 2021 Share Posted January 18, 2021 It is good Avast managed to track the issue down. So, will SSL ever be supported for email client protection or is this a no-go? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 18, 2021 Administrators Share Posted January 18, 2021 I've mentioned above or in another similar topic that SSL filtering is planned to be supported in future versions. Link to comment Share on other sites More sharing options...
Martin A 4 Posted January 18, 2021 Share Posted January 18, 2021 👍 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted February 4, 2021 Administrators Share Posted February 4, 2021 The issue with downloading email that occurred with SSL ports being in the list of scanned ports has been fixed in Big Sur 11.2. Link to comment Share on other sites More sharing options...
Recommended Posts