koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX | Re: Mail Changes Coming! Oh so now our incoming pop scanner on whatever A/V wont scan incomoming email?? Like it is already with worldnet accounts. | |
|
 
d_l
Barsoom
Premium,MVM
join:2002-12-08
Reno, NV
| Re: Mail Changes Coming!Are you saying that your A/V scanner won't handle an SSL connection? You can handle that problem by piping the email request through stunnel. so that it looks like this:
email client <-- A/V scanner <-- stunnel <-- POP3 server
It looks complicated and unwieldy. Even though the initial set up can be difficult, once configured the arrangement is set and forget. I've used this for five years connecting to Worldnet with SAProxy in place of the A/V scanner with nary a problem.
The A/V program just needs a configurable hostmap file to set the incoming POP3 port to something other than the standard port 110. | |
|
 |
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| Re: Mail Changes Coming! The average user would not even have a clue on how to do that. Like most older folks as a example.
What if it was a exicuteable that would have normaly been detected by the software of Their choosing that They pay for for just that reason. And now you get infected because it can't scan it as it downloads.
By default most leave outlook express to send and recieve at start up. which I personally prefer to have to click on send and recieve.
So Now you will have more infected machines infecting countless other machines on a daily basis.
--
† Koma †
If YOu Don't Think It's Possable!! It's Acually A Reality!! The best way to predict the future is to invent it. Alan Kay!!
Ya Don't Know The signal Till Ya Ride It!!
Voice Break's There's Trouble!! | |
|
| | 
manfmmd
Premium
join:2003-01-14
Earth
clubs:
| Re: Mail Changes Coming! Not if the AV has active scanning ( I believe that most , if not all of them do if they are running in the background). Like nwrickert  stated, when it tries to load into memory, the AV will stop it.
--
huh? | AIM | Speaker Pelosi?!?...OH THE HUMANITY! | |
|
| | |
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| Re: Mail Changes Coming! Some malaware is desighned when clicked on to disable your A/V So you would still be SOL. when it would be caught before it could attempt to exicute it. as it is now detected with the POP scanner as it downloaded it and Quarantine or disable access to said file. | |
|
| | | |
d_l
Barsoom
Premium,MVM
join:2002-12-08
Reno, NV
| Re: Mail Changes Coming! Well hey, if there is really a hard and fast deadline of March 30, 2007, and some people can't reconfigure their A/V scanner for the new ports and SSL, then they won't be getting ANY mail so they won't be infecting countless other machines on a daily basis. Problem solved. 
Frankly the problem falls back on the A/V programmers for not permitting the use of 995 and SSL for POP3 connections! All email clients have been able use those for the past several years. This change is for email security when people are using their email clients off the AT&T network, e.g. when traveling. Heck, Worldnet instituted this security for travelers years ago.
Maybe AT&T will leave a backdoor server such as pop.sbcglobal.net for those who can't use SSL and won't be leaving the AT&T network? | |
|
| | | | |
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| Re: Mail Changes Coming! Yes your probally correct on it falls back to the A/V Venders.
But that doesnt mean Att should make the internet less secure for all of us.
Those same people will call support on how to change the ports and were right back at Sqare one. They will be infecting countless other computers on a daily bases | |
|
| | | | | 
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| Frankly the problem falls back on the A/V programmers for not permitting the use of 995 and SSL for POP3 connections! I'll have to disagree with that.
The way A/V does the email scanning, is to setup a proxy and redirect the mail through the proxy. That allows it to view the data stream from the email client.
The trouble with port 995 and SSL, is that the A/V would only see an encrypted data stream. Thus it would be unable to detect any virus because the encryption would hide it.
It would require the email client not use encryption, and then have the A/V proxy handle the SSL encryption. Setting it up that way is a bit complex for the average user, even if the A/V provides such encryption support.
Simplest is to just turn off the incoming email scanning, and let the A/V catch the virus if there is an attempt to load it into memory. | |
|
| | | | | |
d_l
Barsoom
Premium,MVM
join:2002-12-08
Reno, NV
| Re: Mail Changes Coming! I implied that the A/V would handle the SSL encryption when I blamed the programmers for not permitting the use of 995 and SSL. The A/V program would make the SSL connection on 995, do its checking, and pipe the email to 127.0.0.1 or localhost. The A/V programs are doing this now only connecting unsecured on port 110 instead of 995.
The email client would then simply connect to 127.0.0.1 or localhost using port 110 instead of directly to the AT&T POP server. It really isn't that complicated! Especially if the A/V programmers would finally get their programs up-to-date! | |
|
| | | | | | |
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| Re: Mail Changes Coming! AT&T tells its customers to set their email client POP settings to use port 995 with SSL.
The customer is expected to read that as "don't touch the email client POP settings, but go into your A/V settings, and set port 995 and SSL for POP in your A/V."
Sorry, but non-technical users will find that quite confusing. | |
|
| | | | | | | |
d_l
Barsoom
Premium,MVM
join:2002-12-08
Reno, NV
| Re: Mail Changes Coming! The directions/instructions for this SSL change over do not HAVE to be restricted just email client POP and SMTP settings. There CAN be alternative setting changes listed for other situations. Geez, Worldnet has an incredible array of elaborate set up instructions for almost every possible situation. AT&T (SBC) owns Worldnet now and wouldn't have to start their instruction set from scratch.
That is unless Yahoo is writing these help instructions. Then maybe there is a reason for the limits of these help pages.  | |
|
| | | |
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| Some malaware is desighned when clicked on to disable your A/V. The malware still has to be loaded into memory before it can disable A/V.
The only way clicking on malware can disable properly functioning A/V, is if that malware is not currently recognized in the A/V virus tables. In such a case, incoming mail scanning provides no additional benefit, since the malware would not be recognized there either. | |
|
| | | | |
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
1 edit | Re: Mail Changes Coming! said by nwrickert :Some malaware is desighned when clicked on to disable your A/V. The malware still has to be loaded into memory before it can disable A/V. The only way clicking on malware can disable properly functioning A/V, is if that malware is not currently recognized in the A/V virus tables. In such a case, incoming mail scanning provides no additional benefit, since the malware would not be recognized there either. I'll have to disagree with this I have seen where the a/v did catch it but it still disabled the A/V and the task manager and regedit.
It's better to catch it as its downloading so it will disable access or Quarantine/Strip the file out of the email.
Giving the User the protection of not even being able to click on it.
--
† Koma †
If YOu Don't Think It's Possable!! It's Acually A Reality!! The best way to predict the future is to invent it. Alan Kay!!
Ya Don't Know The signal Till Ya Ride It!!
Voice Break's There's Trouble!! | |
|
|
jimkyle
Btrieve Guy
Premium
join:2002-10-20
Oklahoma City, OK
·AT&T Southwest
| FWIW I switched to the SSL ports a couple of days ago, using "The Bat!" as my mail client (it calls the ports TLS rather than SSL) and AVG Pro 7.5's plug-in for TB! as an active scanner.
It's still detecting "greeting card.exe" as being suspicious, and quarantining it. Apparently at least one AV package is doing things right (perhaps it's hooking into the mail client AFTER the packets have been decrypted, rather than tapping into the stream between mail client and WAN)... | |
|
|
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| Re: Mail Changes Coming! Well this is good to know. But how many free A/V soulutions will let you do this. Which alot of people use the free stuff.
It would also be good to know which of all the A/V programs free and paid will let you do ssl pop scanning.
Like I rember back when worldnet account was the only email i had the A/V that i currantly use was able to scan all incoming email. Then all of a sudden it quit working.
If i rember correctly it was using 127.0.0.1 localhost to do this.
I have spent alot of time changing stuff from my worlnett account to be sent to my Att/sbc account for that reason and now it looks like i will have to be going though that pianfull proccess agian.
--
† Koma †
If YOu Don't Think It's Possable!! It's Acually A Reality!! The best way to predict the future is to invent it. Alan Kay!!
Ya Don't Know The signal Till Ya Ride It!!
Voice Break's There's Trouble!! | |
|
| | 
KC_User
@sbcglobal.net
 from:
catseyenu
| Re: Mail Changes Coming! "I did try it and I receive an warning on the Security Cert. name does not match."
Change the server name to get rid of the "sbcblobal" and add "att". EG: pop.att.yahoo.com & smtp.att.yahoo.com.
As far as adding ssl to email retrieval and sending is concerned, one benefit would be secure email when using a public wi-fi. | |
|
| |
| | FriscoTX
join:2002-10-11
Frisco, TX
1 edit | Re: Mail Changes Coming! KC_User, thanks for the solution. Thats what I get for skimming the post and just remembering the port numbers. | |
|
|
|
|
