Email - IMAP and SSL question

Discussion in 'ESET Smart Security' started by DesertRat, Jul 21, 2008.

Thread Status:
Not open for further replies.
  1. DesertRat

    DesertRat Registered Member

    Joined:
    Jul 12, 2008
    Posts:
    32
    I've just downloaded and looked at the Smart Security manual and I see that it explicity states support for IMAP,and even HTTP email.

    (1) Is it able to do this proactively, or is as before in NOD32 v2.7, where the protection comes into play when an attempt is made to actually open a "bad" message or save a "bad" file?

    (2) Regarding SSL server connections, I could not find "SSL" in the documentation. Does Smart Security work at a level where where the type of connection to an IMAP or SMTP server is irrelevant?
     
  2. Eryan

    Eryan Eset Staff Account

    Joined:
    Jan 17, 2008
    Posts:
    181
    Hi,

    1) Yes, messages are scanned while being downloaded

    2) ESS does not support scanning over SSL yet. While using an SSL connection, files will be scanned after download by the real-time scanner.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The plugin for MS Outlook works regardless of the protocol used because the scanner receives messages from MS Outlook via MAPI and does not care about the way it was received by the email client.
     
  4. DesertRat

    DesertRat Registered Member

    Joined:
    Jul 12, 2008
    Posts:
    32
    Good replies, Marcos and Eryan - Thank you.

    If I understand what you're saying, this is what I can expect:

    * If I'm using a MAPI client, especially (or particularly?) Outlook, then regardless of the type of connection, encrypted or not, I can expect EMON-like behavior from Smart Security (with additional security layers, IMON-like and AMON-like, upon opening the message or manipulating an attachment?)

    * If I'm NOT using a MAPI client AND the connection is encrypted, then I can expect AMON-like behavior, with some IMON thrown in in the case that there are automatically downloadable links in the message.

    * If I'm NOT using a MAPI client AND the connection is NOT encrypted, then once again, I can expect EMON-like behavior.

    * And I guess, presumably, this goes for POP3 or IMAP (in the case that the message is actually downloaded and cached).

    I don't know how Microsoft's Outlook Connector for Hotmail/Live Mail actually works, but it looks an awful lot like Outlook is trying to present it as if it's IMAP. I should have asked in the first place, but do you suppose Smart Security is treating that connector as if it's IMAP?

    For what it's worth, I have actually gone ahead and downloaded Smart Security as a trial and installed it on "fresh" workstation for testing. So far, so good (except for any "unknowns", like what might happen with e-mail). I might add that the "automatic" settings for the firewall weren't inclusive enough to be useful. "Automatic" might have worked had I been able to manually preset some applications, but I couldn't determine how to do so. I found "interactive" to be the likely candidate for that setting. I couldn't seem to make a "scan memory" setting stick in a profile, either.

    Otherwise, I'm impressed with the interface and the performance. Very nice. Very streamlined. I'm going to recommend it over NOD32 A/V for stand-alones and peer-to-peer LANs, I believe. In this case, I'm going to go ahead and install it on a 4-workstation LAN. An evalutation of Active Directory-integrated workstations with Exchange and whether or not Smart Security works with Remote Administrator is a question I'll look at later.

    Regards...
     
Thread Status:
Not open for further replies.