Eudora mailbox .mbx errors ?

Discussion in 'NOD32 version 2 Forum' started by John2222, Sep 27, 2005.

Thread Status:
Not open for further replies.
  1. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I'm new to Nod32, but I notice that during a manual scan that Nod32 seems unable to scan the saved email mailbox folders/files.

    I get lots of error messages like this:
    D:\Eudoradata\mysave.mbx »MIME » - error occurred while reading archive

    Should I worry about this? Is this normal? I'm assuming Nod32 doesn't have an unpacker for mbx files.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    mbx files are not supported, just ignore the error, or disable email files in the on-demand scanner setup.
     
  3. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    I think .mbx files are a hang over/legacy piece within Eudora - ie, you can use them , or convert to their newer counterpart (which are faster and less prone to corruption).

    I would look into converting from .mbx files - if I recall correctly, it was just a click in one of the options tabs (but it was several years ago that I made that change - with v4 I think...).


    hth

    Greg
     
  4. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    .mbx files (and corresponding .toc file) make up a "folder-mailbox" within Eudora to store related emails. It is equivalent to Outlook Express .dbx folders.

    I am using Eudora 6 current version.

    I assume that Nod32 supports OE .dbx folders?

    Any idea if Nod32 is planning to support Eudora .mbx folders?
     
  5. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    hmm... yes, mbx is the current, not the old method - or perhaps I'm just creeking back to me Mac w/Eudora days - apologies...

    I wasn't on a machine with eudora until now... I will have to look more closely, as I don't recall seeing mbx errors in NOD32 logs ... why shouldn't NOD32 be able to scan mbx files..?
     
  6. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    It appears that Nod32 is trying. When I context (right-click) scan the Eudora data folder, I see a giant 100% cpu use for awhile on one of my larger .mbx files and the file name shows/changes to part0001.txt.

    My guess is that Nod32 copies the .mbx file to the part0001.txt file and then attempts an intelligent scan of that file.

    The .mbx files are a "text" readable file with the text and html and header source from each email. The .toc is the table of contents pointers I believe to the .mbx file.

    I think it is important to scan my saved emails for viruses--after all isn't that the basic reason why I just bought Nod32?
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    With IMON enabled, there's no chance a virus could get into your mailbox. Even if NOD was to scan mbx files, it would only tell you which contain a malicious attachment. Such emails are not dangerous because AMON would catch possible threats on save to the disk.
     
  8. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I realize I am protected from NEW emails or viruses entering my system. What I am concerned about is all the existing emails stored in the .mbx files.

    What happens when I open one of my old emails from the .mbx file? It's never been scanned or analyzed. I understand about attachments, but what about html viruses or worms or ? that are activated when you open the email?

    I guess it is analogous to a virus existing in an old zip file in the days before antivirus software was able to unpack zip files. I just wait till I unzip (un-mbx) the file to find out if I have a virus/worm/trojan etc?

    I'm trying not to be paranoid but concerned that the Nod32 inability to protect against a file that contains lots of emails is a basic need.

    After all many malwares are transmitted via email.

    I want protection against what IS/might be on my pc as well as future threats trying to get in.
     
  9. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    Marcos,

    does NOD32 scan a .mbx file if it's sent as an attachment? Just musing aloud... if a .mbx file isn't scanned, it's at least ONE way to get onto a machine via the back-door - I know the threat still needs to get executed without detection, but getting onto the target machine without being detected surely is half the battle...

    regards

    Greg
     
  10. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I don't mean to just harp on this issue, but this is what bothers me

    Marcos: "mbx files are not supported, just ignore the error, or disable email files in the on-demand scanner setup."

    mbx files (Eudora) are the equivalent of dbx (Outlook Express) email files.

    Other than web-based email apps such as Yahoo etc, I think that Outlook, Outlook Express, and Eudora are probably the top three email clients.

    Does Eset/Nod32 think that dbx files should just ignored?
    Why are they scanned, but not mbx files?

    As webyourbusiness said, if someone can put a malware payload in a mbx extension file, we're all in trouble!
     
  11. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    I'm just thinking of modular malware... get a fairly innocuous piece of code onto a machine, that begins downloading another piece of fairly innocuous code, and another, and another - string 'em together into something a little less innocuous and find a way to run them undetected....
     
  12. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    So to summarize:

    1. Why does Nod32 support/scan Outlook Express .dbx email files?

    2. Why does Nod32 support/scan Outlook .pst files?

    3. Why does Nod32 NOT support/scan Eudora .mbx email files?

    I wouldn't want to ignore the hundreds/thousands of existing emails on my pc for ANY of the three prevelent email clients above?

    Should I report this to Nod32 tech support or what?
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Because this is the industry standard.


    It is a minority player.


    Marcos works for Eset, so you have had an official reply.

    Cheers :D
     
  14. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada

    anything except M$ is a minority - you're happy with that kind of answer?
     
  15. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    LOL, well Eset can only try to keep the masses happy, the old adage that you can keep most of the people happy most of the time, but you will never keep all of the people happy all of the time, comes to mind...

    Cheers :D
     
  16. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I guess compared to Microsoft, any software is a minority player.

    However, according to Qualcomm/Eudora there are more than 20,000,000 Eudora users worldwide.
    http://www.eudora.com/presskit/backgrounder.html

    If Eset was able to market and sell Nod32 antivirus to as little as 5% of those users, it would mean a annual revenue stream of $39,000,000--which I would not call "minority" money.

    That's why I am surprised that Nod32 does not support virus protection scanning for Eudora mbx mailboxes. My personal guess is that most of the Eudora/Nod32 customers are not even aware that their mailboxes are skipped over by Nod32.

    I like Nod32. Why not try and get that $39 million by supporting Eudora.
     
  17. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    With IMON enabled, then why does Nod32 even bother scanning Outlook (pst files) or Outlook Express (dbx files)?

    Why not just trust AMON to catch those threats?
     
  18. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    NOD32 doesn't bother to scan those files, the thing is you set NOD32 to scan them :)
     
  19. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    Is the recommended approach to NOT check the option to scan any compressed files? I thought that scanning everying was the preferred (safest) approach for full pc scans.
     
  20. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    I think the bigger point being that they can contain viruses lying in wait - scanning and cleaning them would be the preferred way to go...
     
  21. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I agree. That's why I checked that option.

    Then I discovered that Nod32 doesn't support Eudora email files which is a disappointment to me.

    I'm hoping (please) that Nod32 will add Eudora support in the next release :)
     
  22. Ensign Garak

    Ensign Garak Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    11
    I am also a long-time Eudora user, who began searching for a new virus protection program in November. Upon downloading NOD32 and initiating my first full scan, the program took five hours to complete mainly due to the inordinate amount of time the program takes to crank through part001.txt and part001.htm files. I had already unchecked the option to scan E-mail files, so as far as I am concerned, that doesn't do enough to make NOD32 ignore Eudora files.

    I have been impressed with the comments of others I have read with regard to NOD32, and considering that the first in-depth scan that I ran identified a virus on my system that had not been picked up by Norton, I have a positive reaction to NOD32's abilities. However, if the way that the software works doesn't allow me to feel as though I can use it freely (because I have to allocate five hours or so to accomplish a scan), then I have reservations in becoming a customer.

    As John2222 says, I would like to see NOD32 augmented to include support for Eudora.
     
  23. John2222

    John2222 Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    140
    I was impressed with the NOD32 low overhead. However, after I gave up on NOD32 because of the Eudora issue, I tried an online scan using Kaspersky ( http://www.kaspersky.com/ ) which is a well respected antivirus program.

    Kaspersky found 4 or 5 email viruses in a newsgroup Forte Agent mailbox, which NOD32 analyzed but never picked up!

    So NOD32 isn't perfect either.
     
  24. Ensign Garak

    Ensign Garak Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    11
    Thank you for the additional information, John. I spent a full day researching various antivirus solutions for my home computer, as I have found that coming up with an assessment of the "best" software to use is difficult, to say the least. I was greatly impressed with the many positive comments I have read about NOD32 on many different forums, but its shortcomings regarding the handling of Eudora mail may very well send me to a different product.
     
  25. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    NOD32 only scans inside Microsoft Outlook's pst files and Outlook Express' dbx files so your statement that NOD32 analysed a different kind of mailbox is wrong.
     
Thread Status:
Not open for further replies.