SMTP Notification of alerts

Discussion in 'ESET NOD32 Antivirus' started by argint, May 23, 2008.

Thread Status:
Not open for further replies.
  1. argint

    argint Registered Member

    Joined:
    May 23, 2008
    Posts:
    5
    Hi All,

    I am using V3 Nod32. I am seeking clarification on the use of smtp for notifications in advanced setup.

    - We have 17 laptops running NOD32 administered _without_ a LAN, I wish to be emailed with notifications and alerts so I can take action - as would anyone!

    - I have tried to configure the smtp notifications with no avail. I have tried to use smtp.gmail.com and other public, non SSL servers. I have a valid username and password and the account is functional.

    - I have double checked every entry, and rebooted after any change.

    - I then stimulate an alert with a publicly available test virus.

    - I simply cannot get NOD32 to issue mails.

    Q - Is there ANYTHING i need to know about using this facility? eg limitations, ports, issues anything at all that I can use to get this working?

    Q - Is it simply because my laptops are all remote and NOT on a network?

    Q - Has anyone had success with this functionality?

    I really need to be alerted to problems so I can take action, and Im out of ideas.

    Regards

    Alan
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Hello Alan....Welcome to Wilders,

    Couple of questions using the below pic from the EAV 3.0 Tutorial on EMAIL NOTIFICATION OF INFECTIONS as an example....

    1) Did you place your e-mail address in both the Sender and Recipient boxes.
    2) "non SSL servers"....means you are using SMTP :doubt:

    Bubba

    SMTP.JPG
     
  3. argint

    argint Registered Member

    Joined:
    May 23, 2008
    Posts:
    5
    Hi There,

    Yes, thanks for your reply - I merely mentioned non ssl because i had already searched the forum and read that NOD32 doesnt smtp to SSL, and wanted to clarify i wasnt attempting to do that!.

    Yes - I have really went over this several times with myself to be sure its not a typo, all entries are as expected. In the image attached, xxxx is my username. All seems in order. As i said i trigger a virus, I see the alert bubble on systray, i see it recorded in the MOD32 log, but simply dont get any mail. Im only behind windows firewall, nothing else blocking me from the internet, and i understand gmail should accept this.



    Any thoughts?

    Thanks for your help,

    Alan
     

    Attached Files:

    • smtp.png
      smtp.png
      File size:
      37.9 KB
      Views:
      315
  4. argint

    argint Registered Member

    Joined:
    May 23, 2008
    Posts:
    5
    Hi Again - Ok I have totally crossed wires here. Here is how I now see things:

    - NOD32 Notifications do NOT support smtp email via a server requiring SSL/TLS or a specific port
    - For example smtp.gmail.com is actually secured and requires a specific port, 587.
    - The ability to do this has been recognised as a feature request from version 2, but has not been implemented in version 3.

    Implications:

    - You cannot use an smtp server available to the general internet as this would by be secured with authentication and ssl
    - As we use hosted services for email etc, and do not run a network, there is no way for us to now receive notifications.


    EDIT! Could my understanding of this issue please be confirmed for me by someone who KNOWS for sure how this works?


    We do use other IT support software however, and if NOD32 were to generate events in the Windows Event Logs regarding status, threats etc we could respond to that very easily. eg the current logs are not readible outside NOD32, if that information were available in Windows Event Logs, we would be fine. We currently have 17 machines, and Im out of ideas now how to get notifications in our scenario.......

    Anyone agree here?

    regards

    Alan
     
    Last edited: May 24, 2008
  5. Bitten By C Bug

    Bitten By C Bug Registered Member

    Joined:
    May 9, 2007
    Posts:
    45
    Hello Argint........Possible bug? I've had same issues on a "Network" with NO warning being sent via smtp to my email for all pc's on the network UNTIL for some reason i went and named all the correspnding pc's on network to uniquely identify each pc then no issues with smtp sending of alerts.. But i do find it strange that having to name ur pc on network then allows this to function properly.. I just redid mother in laws pc WITHOUT naming her pc on network and downloaded eicar test file== nod32 terminated connection but NO alert via email alerting administrator of such occurences.. I'm not sure if this is by design or possibly a bug of some strange mmmm irrelevantness to my little bit of knowledge..
    Back to the point sir... device manager <it worked for me and others on network> name ur pc click ok/Apply and i had to reboot in order for the alerts to then be sent.. I hope this helps if isn't related to a bug and if by design someone?? Please allow us to know ahead of time so we can set such settings..
    Marcos? Hightech?? wanna chime in cause this is the only way i can myself get alerts from others on network if they have come across a virus trojan etc and nods detection was to Put a Name on pc for network identifying purposes.. If no name was present==no response via alerts for smtp prot..
    TYIA and Argint again I'm not as hip as the majority but i did find this solution by mere accident... Hope this helps or we find out is by design or possible bug.. Peace....
     
  6. argint

    argint Registered Member

    Joined:
    May 23, 2008
    Posts:
    5
    Hi All - Is there any official NOD32 response to using SMTP notifications?

    Is my analysis of the situation above correct?

    It seems this question hasnt generated much interest, Im wonderong if its because people are not using this facility, or, it isnt designed to work as I am trying to use it.

    It would help if this was at least pointed out in the dosumentation. ie the limitations of it, so peoples time isnt wasted?

    Regards

    Alan
     
  7. PRJUS

    PRJUS Registered Member

    Joined:
    Sep 13, 2007
    Posts:
    95
    Location:
    Denmark
    Hi!

    I have two customers where this works as it should except that the computer name shows up as "unknown":

    2008-05-27 12:57:27 - Module Real-time file system protection - Threat Alert triggered on computer unknown: C:\Documents and Settings\Administrator.DKERE-FA01\Local Settings\Temporary Internet Files\Content.IE5\CV9K5797\eicar[1].com contains Eicar test file.

    Most often SMTP errors are due to restrictions on who can relay through the SMTP server in my experience.

    /Preben
     
Thread Status:
Not open for further replies.