Hey guys

that's weird - I could set Imon to check 9110 instead of using 110 when I was using spampal and b9 together but now I am using gmail that wants to use ssl/tsl Port 995 - but Imon is not checking it - at least I don't get the footer.

Any ideas??

Ruben

OH: OS: win2ksp4 Nod 2.13.3

{QUOTE-> Any ideas?? <-QUOTE}

tosbsas

Encryption would be my first thought. Guessing.

You saying imon cannot check it - or it can't write the footer

Ruben

tosbsas

To my way of thinking, NOD would have to decrypt the mail to check it. I'm sure Nod can't decrypt it so it wouldn't be checked in the standard way.

This is my theory. If anyone else know differently----------

Don't think so, cause when sending or receiving a PGP mail I can see the transparent Imon window checking the mail

Ruben

Ruben

Maybe someone will have a better idea. :)

Gmail configuration

Incoming Mail (POP3) Server – requires SSL: pop.gmail.com
Use SSL: Yes
Port: 995
Outgoing Mail (SMTP) Server – requires TLS: smtp.gmail.com (use authentication)
Use Authentication: Yes
Use STARTTLS: Yes (some clients call this SSL)
Port: 465 or 587
Account Name: your Gmail username (including '@gmail.com')
Email Address: your full Gmail email address (username@gmail.com)
Password: your Gmail password

Ruben

From the NOD help file.

Note: For that IMON works on Winsock level, it is not possible to make it check encrypted SSL communication on port 995. Also, adding ports used by other protocols (e.g. MAPI, FTP, etc.) will not make IMON check that communication either

Hi,
I've a Gmail account too. You can use Outlook 97/2000/2002 (XP)/2003 and install the latest version of EMON (Beta 1). If you do that, EMON will check both incoming and outgoing messages independent of ports, protocol used... EMON work independent of IMON. Note that EMON only work with Outlook, so EMON doesn't work with Outlook Express. The other thing that you can do is install The Bat! and get the NOD32 plugin. Anyway, without EMON, IMON... AMON will detect any attemp of viruses...

{QUOTE-> The other thing that you can do is install The Bat! and get the NOD32 plugin. Anyway, without EMON, IMON... AMON will detect any attemp of viruses... <-QUOTE}
so in that case EMON sucks :>

Low level interception (WinSock) modules cannot check secure connections (SSL/TLS). Special plugins for MS Outlook are totaly different thing since they check mail when its already in inbox (decrypted).
So don't bother setting up secure connection mails.

Cheers ronjor for the link.

Does this mean it's risky using gmail? If someone send me an infected file, NOD will not detect it when I download it from the server?

You will have to trust amon (:--)9

Ruben

In my original post, abhi say Gmail doesn't support exe files, but didn't I read somewhere exe files could be disguised?

I don't personally know how to go about disguising a exe file (could be as simple as changing the .exe to .jpg)

Does Google actually scan the attachment and if it contains exe codes, will refuse it?

Are there any AV that will scan SSL Port 995?

The reason I am asking this is because I am building a PC for my mother, it will have a Non-English XP installed, along with some other Non-English software.

I will need to configure the system to be as secure as I can. She is an absolute newbie to the world of PC. She has never ever used one, but is starting to get interested in using emails, and web surfing. She'd like to keep in touch with friends and family in HK. She only just got her first ever email account (Gmail ;D )

She knows nothing about viruses and worms. I will lecture her on it, but I just cannot trust her not to open files without scanning it first (mothers ::) )

She also live about 400 miles away, so I don't really want the system to go belly-up, and me going up there to 'fix' it...

From a security point of view, would I be betting off paying for a pop box, and setting that up for her, and forget about gmail?

With pop mail boxes, at least I know all emails and attachment are scanned by NOD, whereas Gmails aren't.

Thanks

EMON?
Plus, don't be too concerned with not being able to scan gmail - if you've got the rest of it configured properly there should be a neat zero opportunity (via AMON/DMON) for anything that may manages to get in that way.

Even if you change extension from EXE to JPG,that wouldn't be executable anymore,but a very "corrupted" image. So in the end the file would be useless.