Jump to content

Still Can't Get Thunderbird E-mail SSL Protocol Scanning To Work


Recommended Posts

I have tried everything I know off to get this to work and E-mail scan count in protection statistics still shows zero in ver. 9.

 

I believe there is a bug for ver. 9 for that counter as it applies to T-Bird E-mail scanning. I set T-Bird E-mail SSL option in Eset's GUI to interactive. I did receive a prompt to allow. This indicates to me that the SSL scanning is initiating for T-Bird.

 

All T-Bird settings are correct for Eset's SSL scanning using IMAPS; port 993, etc. I imported Eset's root cert. into T-bird and set to scan web sites like I did for ver. 8. The only thing I did not try is to set T-Bird's protocol scanning mode to STARTLS from SSL/TLS although SSL/TLS worked fine for ver. 8.

Link to comment
Share on other sites

  • Administrators

What mail server do you use? It seems this can't be reproduced with Gmail as it supports STARTTLS for SMTP which obviously is not filtered by ESET.

Link to comment
Share on other sites

What mail server do you use? It seems this can't be reproduced with Gmail as it supports STARTTLS for SMTP which obviously is not filtered by ESET.

I found the problem and it is what I had suspected initially.

 

If I set off the "trusted sites" option in SSL protocol scanning, all AOL IMAPS incoming traffic is scanned. The server I am connecting to is imap.aol.com. For some reason, this is being interpreted as a trusted site by SSL protocol scanning. Why Eset's SSL protocol scanning is using that feature for client e-mail scanning is beyond me. Please fix this ASAP and let me know when it has been.

 

-EDIT- Specifically what SSL protocol scanning should be doing is ignoring any incoming SSL/TLS traffic to port 993 in regards to a "trusted site" lookup.  

Edited by itman
Link to comment
Share on other sites

  • Administrators

I assumed that too but for me IMAPS communication with Gmail was filtered regardless of that option, hence I ruled it out. We'll see what devs will tell.

Link to comment
Share on other sites

I assumed that too but for me IMAPS communication with Gmail was filtered regardless of that option, hence I ruled it out. We'll see what devs will tell.

I suspect that someone coded something like *.aol.com in the trusted web site whitelist. I did notice that none of the web AOL https sites are being SSL protocol scanned.  

 

Hopefully, there is a way to enter exclusions by domain name in the internal trusted sites whitelist since it appears Eset is scanning all incoming SSL/TLS regardless of port being used. That is good from a security perspective. However, the trusted web site feature should only apply to port 443 traffic.

Link to comment
Share on other sites

  • 2 weeks later...

Bump.

 

Marcos, what is the status on this? I am getting tired of always having to disable the "trusted web site" feature when I want to read my T-Bird e-mail.

Link to comment
Share on other sites

  • Administrators

I've just received a confirmation from developers that this will be addressed in the next build of the Internet protection module.

Link to comment
Share on other sites

I've just received a confirmation from developers that this will be addressed in the next build of the Internet protection module.

Thanks, Marcos.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...