Okay, that ties in with your original post, which I only saw through snippets quoted in reply. Your network-managed antivirus system blocked SMTP and/or POP from your workstations to their associated email servers? Yeah, that's a bug. We have had to work with clients (and their "computer guy") to configure over-eager malware blockers that prevent people from getting legitimate work done. It's pretty annoying.
Yup. It popped up a window, on each access to a POP or SMTP server, claiming that the server's "certificate" was invalid, and stopped the download/upload. There's an option in the window to view the certificate. The certificate was always, at least, unexpired. Since when using an email client that could contact up to three different POP/SMTP servers instantaneously, we would get one such window for each server, I am betting that any other criteria that were applied to assess those certificates were bogus.
And when using Thunderbird, this pop-up would always cause a program error or, in at least one case, a C5 crash which the Windows Error Log attributed to the antivirus system's email scanner.
In any case, the email clients were not configured to use SSL, and therefore the anti-virus software had no business querying the servers' SSL certificates.
And to make it even more fun, this did not occur consistently on all workstations. Some never experienced the problem. Some identical machines got it on the first attempt to use email after getting the antivirus program update. Some didn't get it until several days later, after using email successfully many times.
The pop-up window has a button to press to "permanently" confirm an "exclusion" for the bogusly-invalid and completely irrelevant certificate. This, also, did not work consistently. If you press the button the blocked transaction would proceed, but the "permanent exclusion" did not always persist. Sometimes it did. Sometimes it did not and the same pop-up would appear again on the next contact with the server, or sometimes not until a day or two later after several successful downloads or uploads.
There's a setting in the antivirus client that is supposed to turn off "SSL scanning" and it, too, does not work reliably.
grrrr.. The only reliable workaround for the worst-afflicted cases was to uninstall the "updated" antivirus client and reinstall an older version. I've been dealing with this for a month. The antivirus company has yet to acknowledge that this is a problem. Oh well, at least it still gets pattern/engine updates....
BTW, folks, if you're not aware of it: PDF was supposed to be a "portable document format" but since they enabled JavaScript, PDF must be considered an executable, on Windows platforms, anyway, that may contain bad code and, optionally, a document.
Oh yeah. PDF is one of the dicey attachments included in my orientation lecture for new employees. I set Acrobat Reader to not open other programs by default on everybody's machine, which does prevent some issues, though I'm sure not all of them.
Ken Dibble www.stic-cil.org _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
