email scanner isn't scanning--I think-help

xp-pro-thunderbird 316-nod 426412 (27days left eval)
whidbey telecom uses ssl 995 465

have read a lot of threads

1st. tbird-nod extension for email scan installed-active on toolbar with options of scanning 1 or all emails again. have tb set to scan all incoming emails and to quarantine.

2nd, NOD--have checked every setting possible from the threads read-tb is intergraded w/nod check ssl with port numbers entered, etc. and every setting I could recheck to be sure from the threads read. tb.exe shows as client.

if i send myself an email--there is nothing in the email-nod log-anything anywhere that states the email was scanned. if in tb on the toolbar I select the nod32 icon and select either rescan only that email, or I highlight all email--select nod32 to rescan all email, I get the same, no indication that one or all of the emails have been scanned--nothing anywhere.

what's left to check and should there be something in the incoming email itself that says it was scanned, in the nod32 log should there be an entry.

I would really like to get this to work, I like the program so for.

 

using SSL ports in Tbird you would NOD SSL protocol filtering enabled, is that what you are mentioning as 2nd? what is the email-nod log you are referring to?

it would show in the NOD statistics



on a side note, just if you are interested, about SMTP SSL port

 

vtol

yes I have ssl filtering--lets start over now after reading your post

OK now I can see under stats-nod32 is doing what it is suppose to--but I don't like what it does at all--can you help with this..

I reset the stats referred to in your post. I wrote an email to myself in NS7.1--mailed it to me and got it in Thunderbird. When I got the email in TB--NOD32 cleaned out the excel file I attached with it (it's a harmless small spread sheet), I got no notification from nod32 that it did this, (which means if it had been from someone I know-I would not even know it was now gone), then there is no way to retrieve that file--nod32 destroyed it--the advanced menu settings for the program states it is being put in the "infected items" folder--where is the folder at--there is no folder like this anywhere on my comp--so where did nod32 come up with that--why did it not create it---if I select "no action" in the advance menu for action on a email scan --then it would be up to me to scan the file--what would then be the purpose of even having the email scanner enable--I think the file should at least be put in quarantine so I can see what it was--then decide if it should be destroyed--but the quarantine is not an option.

what am I missing here--no notification from tb or nod32 that something has been ripped out of the email

 

as I am not using Tbird my input might be limited... also I never get an infectious file via email for NOD to clean, hence I am not fully aware of the alert sequences

the infected items folder is supposed to show up in your email software, like inbox/sent/outbox/drafts. it does so in Outlook, what happens in Tbird I am not aware of. however it is not a folder on your hard disk.



have a look in Tbird to see whether there is such folder, of course only if the option is set a shown above.

to get notified about infected email you need to set the option as shown here



suffice to say that NOD would only have cleaned malicious or suspicious files, still there is the possibility of a false positive - hard to judge without knowing that file. perhaps it contains some macros or VB code that may have triggered NOD to clean it. eventually it is showing in the detected threats log



from NOD help about infected email alerts



and check the cleaning level set for emails