Jump to content

Detect threats earlier of Thunderbird


Recommended Posts

Hi.

We use ESET Protect on-premise and ESET Endpoint Security or ESET Endpoint Anivirus on the clients - version 11. We use Thunderbird as our email client.

I know that you have discontinued native support for Thunderbird, but maybe something could be set better to detect threats earlier.

In Thunderbird, we store emails in the MailDir format, which means that each email is in a separate file. When scanning disks, infected emails are correctly detected and cleaned. However, real-time protection detects nothing. Only unpacking or running the saved attachment triggers the AV action.

In an earlier thread about Thunderbild (https://forum.eset.com/topic/40503-does-eset-scan-the-files-of-thunderbird/#comment-182213) there was an answer that the imap protocol should be scanned when downloading messages. Maybe we set something wrong, because we don't see this behavior of NOD32. We can send/receive test e-mails containing viruses at will and real-time protection detects nothing.

Regards,
Tomasz

Link to comment
Share on other sites

  • Administrators

Please carry on as follows:

  1. Enable advanced logging under Help and support -> Technical support
  2. Receive an email that should be detected (e.g. with the eicar test file in attachment)
  3. Stop logging
  4. Collect logs with ESET Log Collector and upload the generated archive here.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...