Hi, Just curious if anyone here has seen the discussion over at Becky's on this topic and what their thoughts might be on this issue. http://www.morelerbe.com/ubb/ultimatebb.php?ubb=get_topic;f=39;t=000334 Thanks Logan
Hi Logan, New to me. You could post the essence over here; after that, It'll be my pleasure to contact Eset/NOD32. regards. paul
Paul, I would not know how much or how little to post here, and with Palo's answer near the end, I guess it is a dead issue for Eset for now. I was just wondering other NOD users thought. Logan
Logan Just had a look. "Low priority" eg of no importance to Eset as it seems. reading Palo's answer. Btw: we could have provided you with Palo's info weeks ago..Anyway: Becky users seem to have a problem here - without a solution. Sorry to hear so. IMHO the POP3 email scanner part from NOD32 isn't by far a reliable component at the moment by design. Probably/hopefully the upcomng version 2.0 will be vastly improved.
1.I have yet to see someone reporting the pop3 scanner missing a file on download. 2. Attachments are stored in base64 encoding in Becky and are therefore harmless in that state. 3. Upon activating of the attachment (which would be stupid to do) amon does advise. I see no problem and can appreciate ESET concentrating on dev on new version.
Hi Mickey, It's a matter of design. The po3 scanner does "miss" numerous (compressed) files. Both JacK and my person have reported this on many occasions to Eset. Only in case the compressed files are actually activated, NOD32 will jump in. In the meanwhile, if only for "importing" reasons, the infected file is stored in an archived email client file - thus, in case anyone chooses to import archived email files/databases, the infected files will be imported as well. Proof of the pudding: activating: a) NOD32 pop3 scanner; b) DrWeb anti-virus; c) The Bat! email client; d) DrWeb - The Bat! pop3 scanner .dll Now, when receiving an infected compressed attachment, NOD32 pop3 scanner will not alert in any way. DrWeb detects the infected file at the spot, and handles it the way one has configured it (many options available). This leaving aside the config from DrWeb and/or DrWeb SpiderGuard. stored is an issue here; see my comment about archived files mentioned above. What happens when for some reason one chooses to import archived email files using Becky?? - infected files will be imported IMHO... As stated: a matter of design - and IMHO this could be handled far better - as might be demonstrated by now. A matter of opinion. I for one am not a happy camper with the actual design. I knew we would agree on at least one item in the end! regards. paul
NOD32 is not able to block/delete infected archives in anyway. In this case DrWeb's archives handling is better addressed... Technodrome