Hello, I am using Eudora 7 and my ISP force the users to use SSL (port 995), why EAV doesn't scan my mails? I've tried many configurations, but nothing works. Someone can guide me through the procedure? Thank you
the reason it can't scan SSL connections for email is because of the encryption via SSL - if it was easy to hook into and scan the encrypted stream, then it would useless as a way of preventing sniffers from grabbing your private communications.
I'm not entirely sure how it could do it. it MUST scan AFTER the attachment/email "lands" on the client machine. I also read that they 'support ssl email connections'. I don't think there is a way to scan the encrypted stream itself - SSL proxy is the only way I can think of NOT getting an SSL protocol error - but I'm no EXPERT - just a reasonably informed IT person! The only way I think it could do it would be to work as an SSL proxy - ie, it sets itself up between the SSL port of the mail client and the server - during this proxy phase, it would have to decrypt and re-encrypt - I'm not sure if that's possible using the same keys, and could possibly break the ssl tunnel, so I would hazard a guess that a different ssl session would be used - ie... For outgoing, email client encrypts to the ssl proxy - which un-encrypts - scans - then sets up a NEW ssl session to the server using a different ssl session and then delivers to the server encrypted. and coming FROM the server it would do the revserse... Perhaps Marcos could explain how it is accomplished on the part of a product claiming to offer this facility.