Talk:Antivirus software: Difference between revisions

From MozillaZine Knowledge Base
Jump to navigationJump to search
Line 37: Line 37:
As explained, the suggestion to turn off email scanning is for compatible AV programs: "Even if your AV program is compatible with Thunderbird, consider turning off your AV program's e-mail scanning but not its autoprotect function."  
As explained, the suggestion to turn off email scanning is for compatible AV programs: "Even if your AV program is compatible with Thunderbird, consider turning off your AV program's e-mail scanning but not its autoprotect function."  


Also, as far as i know, most AV programs' autoprotect function does not do anything unless you access an infected email and, in fact, often only if you access its infected attachment. With email scanning disabled, TB makes sure that almost all infected emails end up in the junk folder and are deleted when that is emptied. As a result, the following and other serious problems caused by email scanning are avoided: continuous system drain, thousands of unnecessary scanning processes, and dozens or hundreds of potentially dangerous and completely unnecessary surgical operations within the mail folder. Emptying TB's junk folder is a much, much better way of deleting infected emails than using any AV program to find and delete these same messages, and TB identifies almost all infected emails because they are usually spam.
Also, even though this does not apply to NAV (as you explained), as far as i know, most AV programs' autoprotect function does not do anything unless you access an infected email and, in fact, often only if you access its infected attachment. And even in the case of NAV, with email scanning disabled, TB makes sure that almost all infected emails end up in the junk folder and are deleted when that is emptied. As a result, the following and other serious problems caused by email scanning are avoided: continuous system drain, thousands of unnecessary scanning processes, and dozens or hundreds of potentially dangerous and completely unnecessary surgical operations within the mail folder. Emptying TB's junk folder is a much, much better way of deleting infected emails than using any AV program to find and delete these same messages, and TB identifies almost all infected emails because they are usually spam.


And in the case of almost all of these infected emails in the junk folder, since the autoprotect function of even badly designed programs like NAV doesn't kick in unless you access the junk folder, turning of email scanning is in fact also beneficial in the case of incompatible AV programs: since almost all infected email will be in the junk folder, NAV very seldom gets a chance to corrupt the inbox even if it would do so if there is no junk mail filtering and it would delete the inbox if one previews an infected email without even opening its attachment.  
And in the case of almost all of these infected emails in the junk folder, since the autoprotect function of even badly designed programs like NAV doesn't kick in unless you access the junk folder, turning of email scanning is in fact also beneficial in the case of incompatible AV programs: since almost all infected email will be in the junk folder, NAV very seldom gets a chance to corrupt the inbox even if it would do so if there is no junk mail filtering and it would delete the inbox if one previews an infected email without even opening its attachment.  

Revision as of 09:29, 14 August 2005

if someone knows how to make gmail work in thunderbird with avg anti-virus, could they add that to the wiki as well? thanks!--134.58.253.131 03:43, 29 Nov 2004 (PST)

ClamMail (.sf.net) and ThunderBird/Mozilla suite mail

here is a link to current RFE to ClamMail to add support for simple account modification for ThunderBird :

http://sourceforge.net/tracker/index.php?func=detail&aid=1173082&group_id=125389&atid=702313

the author of clammail asks this because he added that functionnality for Outlook Express users in 1.2.7 (1.2.8 is latest) it was easy as outlook express stores all mail account details into registry.

it is a RFE to make integration between ThunderBird and ClamMail more user-friendly (checkboxes for each account instead of having to modify manually login, host, port, whatever)

Norton AV has it for ages, that's why i asked him to add it (for Outlook Express) and gave him details on how to do it (via registry)

so, if someone knows programmaticaly how to access to account info (login/host/port/ssl?), please help there.

Section on e-mail scanning av

I'm pulling this paragraph because the advice is dangerous and incorrect. If someone wants to rewrite it, that's fine with me:

* Even if your AV program is compatible with Thunderbird, consider turning off your AV program's e-mail scanning but not its autoprotect function. Because email scanning can result in Inbox corruption and computer slowdown or lockup and because it provides no extra protection, many independent experts advise against it, and even some antivirus vendors quietly admit that it provides no extra protection. Malware attachments are not at all dangerous as attachments, only when activated by users opening them. As long as your AV program's autoprotect function (often called "guard" or "shield") is turned on, it will effectively prevent any "infection" by malware your AV program knows about: i.e. it will not let you open and thereby install any known malware program in an e-mail attachment.

Here's what's wrong:

First, 'autprotect' features delete and corrupt inboxes. That's the whole point of this wiki page!

Second, e-mail scanning (I assume you mean a proxy) is less likely than autoprotect to corrupt Thunderbird mail; they act on data before/after it's in a Thunderbird file. In fact, scanning proxies can protect TB mail files from corruption by preventing viruses from getting there in the first place.

Finally, while what is written here about e-mail scanning an interesting idea, it's certainly not widely accepted and should not be given as advice to end users. It's the opinion of a few and belongs in their blogs or postings to forums. - Guanxi

I hope i addressed your concerns in my rewording. - American Finn

I don't think you've adequately addressed the crucial points Guanxi made above. In my experience with NAV, its autoprotect most certainly will delete/lock up your Inbox or other mailbox if it finds a virus inside, regardless of whether you open the attachment, because autoprotect kicks in whenever the mailbox file is accessed. That's why you have to switch off autoprotect to restore a quarantined Inbox. I don't see how running only with autoprotect is going to alleviate this; the only thing that will help is if infected messages are being quarantined before they reach the Inbox. No? --Wintogreen 11:34, 13 Aug 2005 (PDT)

As explained, the suggestion to turn off email scanning is for compatible AV programs: "Even if your AV program is compatible with Thunderbird, consider turning off your AV program's e-mail scanning but not its autoprotect function."

Also, even though this does not apply to NAV (as you explained), as far as i know, most AV programs' autoprotect function does not do anything unless you access an infected email and, in fact, often only if you access its infected attachment. And even in the case of NAV, with email scanning disabled, TB makes sure that almost all infected emails end up in the junk folder and are deleted when that is emptied. As a result, the following and other serious problems caused by email scanning are avoided: continuous system drain, thousands of unnecessary scanning processes, and dozens or hundreds of potentially dangerous and completely unnecessary surgical operations within the mail folder. Emptying TB's junk folder is a much, much better way of deleting infected emails than using any AV program to find and delete these same messages, and TB identifies almost all infected emails because they are usually spam.

And in the case of almost all of these infected emails in the junk folder, since the autoprotect function of even badly designed programs like NAV doesn't kick in unless you access the junk folder, turning of email scanning is in fact also beneficial in the case of incompatible AV programs: since almost all infected email will be in the junk folder, NAV very seldom gets a chance to corrupt the inbox even if it would do so if there is no junk mail filtering and it would delete the inbox if one previews an infected email without even opening its attachment. American Finn 01:35, 14 Aug 2005 (PDT)

not opening attachments for a day

This advice may prevent viruses, but I think it's problematic:

In addition, it is a good idea to wait at least one day before opening any attachment that has been forwarded to give your AV program's manufacturer a chance to provide a perhaps necessary new update.

I think for most people, and especially most working people, that's just impractical. My friends and co-workers would be a little unhappy!

Absolutely. "Sorry, boss, but I can't open that file you sent until the next virus definitions come out. Tomorrow at the earliest." Repeat twice/day. Lose job. --Wintogreen 11:40, 13 Aug 2005 (PDT)

As explained, this extra protection advice applies only to forwarded emails with attachments and only from unknown senders. American Finn 01:18, 14 Aug 2005 (PDT)