Interviewed by CNN on 27/3/2010 22:26, Cecil Bankston told the world: > My Avast antivirus suite keeps showing a message that says I should > disable SSL & TLS in my e-mail client so it can scan the incoming > messages. I didn't see any obvious way to disable those security > functions only in Seamonkey e-mail, as the preferences settings appear > to apply to both browser & e-mail. Is following Avast's advice possible > and if so is it advisable?
I'm using the new Avast 5 too, and I have seen those messages. It perhaps could be a bit clearer, but it indeed is feasible. You have to disable TLS/STARTTLS/SSL in each e-mail server configuration, in the "Server Settings" page. For instance, if you use Gmail, it demands you set up connection security as follows (Gmail dos not allow unencrypted connections): IMAP -- SSL/TLS on port 993 POP3 -- SSL/TLS on port 995 SMTP -- SSL on port 465, or TLS/STARTTLS on port 587 Other ISPs exact settings may be slightly different. Some accept STARTTLS in the same port as the regular (unencrypted) connection. The purpose of all this is to ensure all communication between your mail program and the mail server is encrypted, and therefore safe from eavesdroppers. But there is one problem: your antivirus can't check messages in transit either, and therefore is unable to block virus-carrying messages before the program receives them. What Avast proposes is that you turn off the encryption option in the e-mail program and let *it* handle the encrypted connection with the mail server. When Seamonkey tries to access a mail server, Avast will interpose itself in the data flow. The communication between Seamonkey and Avast is in clear, while the communication between Avast and Gmail (or whatever is your mail provider) will be encrypted. Avast is pretty smart about setting itself up, too. When you open an encrypted channel to a mail provider, Avast will notice it can't check the messages and pop up that warning -- but at the same time, it will take note of the security settings for that particular server. So, if you turn off the "connection security" for that server, the next time you attempt to download e-mail Avast will remember those settings and take care of the encryption for you. If you ever need to hand-tweak those settings, you can find them in Avast under the "Real-Time Shields/Mail Shield/Expert Settings/SSL accounts." You have both encrypted and unencrypted accounts, you may notice that the unencrypted servers are also listed there, with security set as "none." That's normal. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... BOFH excuse #136: Daemons loose in system. *Added by TagZilla 0.066.2 running on Seamonkey 2.0.3 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey