Nod32 and The Bat mail client

Discussion in 'NOD32 version 2 Forum' started by tebi_tan, Jun 30, 2004.

Thread Status:
Not open for further replies.
  1. tebi_tan

    tebi_tan Guest

    Could You please help out and thell me the settings so that Imon scans also e-mails received by The Bat mail client?
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    It is my understanding that with NOD32 version 2, if its IMON component is enabled, all POP3 email is scanned automatically (at the network level) regardless of the mail client being used. (The older version used to require proxy settings in each and every email client so that they would pull messages through a proxy port provided by NOD32 itself. But, that is no longer the case.)

    There is one other thing to consider though. The Bat! has a lot of advanced email handling features which can resolve email right up on the mail server, without pulling it all down to your system. So the points mentioned in this thread would apply to those processes with The Bat!...

    https://www.wilderssecurity.com/showthread.php?t=38798
     
  3. tebi_tan

    tebi_tan Guest

    Thanks, I will try it out.

    I switched from Nod32 to Avast, which has a The Bat plugin just because of this issue.

    Hopefully Nod32 will also detect the viruses, even if doesn't have a specific plugin for The Bat.
     
  4. Dude

    Dude Guest

    I've got NOD32 and the Bat!. It scans my mail. Heck, it evens scans usenet news too if you are using TB! with MyGate Pop >NEWS gateway.
     
  5. spin

    spin Guest

    I use NOD32 and The Bat! NOD32 scans, by default, port 110 POP3 traffic. If you are using regular old POP3 accounts and they are using port 110 (POP3 default), NOD32's IMON will automatically scan the incoming emails in The Bat!

    My setup is a little different than most, as I use POPFile as a POP3 proxy (port 110) for my regular POP3 accounts and YahooPOPs as a POP3 proxy (port 124) on my Yahoo account. In the IMON > Settings there is a field to enter the POP3 ports in use ... simply comma separate the values. In my case, my POP3 email is coming in via ports 110 AND 124, so I have this field set to: 110, 124

    NOD32 is the perfect complement to The Bat! The combination is seemless, effective, and highly efficient. I can't think of two better programs. Good luck! /spin
     
  6. RoseDreamJ

    RoseDreamJ Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17
    Location:
    NY USA
    I agree. But I still wish there was a NOD32 plug-in for TheBat that worked. I don't like to trust background processes. And I like to have the opportunity to double check via an on-demand scan from within the mail client. Furthermore, isn't it also possible that NOD32 could miss a virus laden message today that I might not open 'till tomorrow? Perhaps that's not a very strong argument. But it works for me :)
     
  7. spin

    spin Guest

    I understand your point/wish, although I believe that NOD32's built-in IMON POP3 port scanning is awesome. A plugin isn't needed because the process is automated.

    Half of Window's functionality is embedded in services and background processes! :p ... and out of all of them, I trust NOD32 perhaps more than any of them. I like the idea of a fortified and stealthy NOD32 doing its job, silently (for the most part) and like a good employee who you can trust to open and close the store while you are away and sipping pina coladas on the beaches of St. Thomas.

    You could always set up IMON to tag all emails that have been scanned, as opposed to tagging only infected email. Maybe that will reassure you that it's scanning all incoming email? I set up the IMON POP3 incoming ports to be scanned, then tested some incoming email using the EICAR test strings in attachments at http://www.testvirus.org/ just to make sure I had TB!, NOD32, POPFile, YahooPOPs, etc. configured correctly.

    I wish also that TB! had a right-clickable context menu option to run on-demand scans also. I have had some attached files that scan negative using the current NOD32 definitions, but I am interested in scanning them in a day or two as new definitions emerge/update. I simply HATE having to open Windows Explorer to scan TB! mail folders manually (if I remember) or having to -- right-click > Save -- the attachment to scan individually in the explorer interface. I would love to be able to -- right click > Scan using NOD32 -- right from TB! some days later if I were curious. I am not sure if this is more of a TB! issue or a NOD32 issue getting that context menu in there?!?!


    This is true of any mail client/antivirus combination (isn't it?). The nice thing about NOD32 is that it can be configured to check definitions updates every hour, and hopefully that if you DID open that "scanned negative" attachment tomorrow, chances are that the virus will have been defined by then or that the heuristics will catch the virus via AMON.

    With NAV, I would have it set for "auto updates" but would notice that it would sometimes go for days after a new set of definitions were released and still not have updated to those newer definitions. I had ZERO faith in NAV auto-updates, but have complete faith in NOD32. Only rarely does the NOD32 update reach a kink in connecting to check for updates.

    Perhaps someone here or on TB! discussion lists knows how you could get a right-clickable context menu to scan with NOD32 on-demand? That would be cool!
     
  8. RoseDreamJ

    RoseDreamJ Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17
    Location:
    NY USA
    I understand that. But technically, neither is any on-demand scanning. After all, with NOD32 IMON and AMON enabled, it can't get there or be launched without NOD32 intercepting, right? So, why have it? For me, it's because I like to be in control and I like some type of feedback on what I'm specifically interested in. I don't like the "install it and forget it" trend.

    True. And I agree that trust is well placed in NOD32 even though I used the words "don't trust". I guess I would have made my point better had I said, I like visual confirmation and hands-on scanning.

    Regarding the TB plugin or context menu, the plugin info has been sent to ESET. So, to me at least the ball is in ESET's court and they seem disinterested.

    And thanks for reminding me about how IMON would catch even tomorrow's evil message. Bug duh to me. :)
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    RosedreamJ, Eset does not make plug-ins for any mail client. We only provide API to the companies interested in having one. However, we have already sent the API to the TB! vendor and anticipating the plug-in.
     
  10. RoseDreamJ

    RoseDreamJ Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17
    Location:
    NY USA
    That's great. So, I was mistaken. The ball is back in RitLabs' court. Thank you for taking the time to fill me in on the official details. I really appreciate that and Eset's interest in us users of alternative mail clients.
     
  11. spin

    spin Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    1
    I am sure RoseDreamJ and I both agree that it will be a great day when both Eset's NOD32 and Rit Lab's The Bat! are considered the gold standard by which all other antivirus and email applications, respectively, are compared. I couldn't be happier with this combination.

    I love that NOD32 allows me to customise the subject line of infected emails, and I love the power of the regexp-enabled filters and sorting office tools in TB! that allow me to do almost anything with those tagged emails. A TB plugin to do on-demand scanning using the "soon-to-be-fully-implemented" advanced heuristics is just too exciting! :eek: /spin
     
Thread Status:
Not open for further replies.