How to Protect Message Bases (Was Re: PC-cillin and TB!)
Hello, P. Johnson. On Friday, 5 November 2004, 12:03:59 AM, you wrote: PJ I'm getting a new computer and want to get the best PJ firewall and virus protection I can, and have been PJ looking at Trend Micro PC-cillin Internet Security. Regarding the issue of antivirus software and The Bat!, you might want to check the following RITLabs Knowledge Base article, which is directly relevant (e.g., the use of antiviral plug-ins): On how to protect message bases from being damaged. http://www.ritlabs.com/kb/idx/16/043/article/ Others on the list have brought up the problems associated with antivirus products that lack plug-ins for The Bat! and this article describes that issue and possible problems (that I *will* face, I fear). I have been evaluating TB! 3.0.1.33 and I use Norton AntiVirus as part of Norton SystemWorks. My evaluation period is up, but I received very few messages, which is why I think that NAV did not trash my installation of TB. I was spared, because I had very few messages. I am very concerned, however, that I will have all kinds of problems if I can afford to register The Bat! and reinstall it on my computer after I perform a clean installation of Windows XP Professional (SP 2). I was given SystemWorks 2005 Premier as a gift and the giver cannot return it. (I am also going to replace the Windows XP firewall, which lacks egress control, as several people have mentioned. Fortunately, as others have said, good, *free* firewall software exists; plus, I have a hardware firewall/router/switch. ZoneAlarm works well with me under Windows 2000 Professional, and I got used to handling its warnings easily.) If The Bat! polls all of my e-mail accounts and downloads all of the messages (and I plan to clean out the accounts via a Web interface), I will have enough message bases to put me in real danger of damaged TB files, slow performance by The Bat! and lost e-mail. NAV might cause havoc with TB, although I do not recall any posts mentioning NAV causing problems with TB. It has been a while since I installed SystemWorks, so I do not know if I can choose not to install NAV and use a product that has a plug-in for TB. I thought that the article would be of interest to you, and to other members of the list. (The bottom line is that RITLabs states that you should use an antivirus product that has a plug- in for TB.) The article contains good advice in a short space. I wish that I could find a solution to this issue myself, because I know that I am going to be a trouble! Do any other users of Norton AntiVirus have problems with The Bat! and damaged files or slow performance? Alexander S. Kunz has given me much information about Kaspersky's products and he is an experienced professional, but I am basically stuck with NAV. (Registering The Bat! is going to cost a relative fortune for me, because of my current financial status, so I just cannot afford to ditch the Symantec product that I received as a gift.) I hope that the Knowledge Base Article helps! Cordially, David P.S. -- Symantec will never offer a plug-in for TB. Because of TB's relatively small user base, Symantec would have no economic incentive for a plug-in. (Now, if we could just find a way to increase drastically the number of people who use TB...!) I know that I want to be a registered user, despite the fact that I am basically stuck with Norton AntiVirus, which I fear could lead to some *very* messy consequences. I want to follow the guidelines of the KB article, because RITLabs knows their product, obviously, but I cannot afford to do so. I know that RITLabs offers a plug-in API, but I do not think that my basic experience with ANSI C will allow me to do anything with the API. ;-) -- http://ddickerson.igc.org/ _ Get ready for school! Find articles, homework help and more in the Back to School Guide! http://special.msn.com/network/04backtoschool.armx Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: How to Protect Message Bases (Was Re: PC-cillin and TB!)
David M. Dickerson @ 2004-Nov-15 9:28:30 PM How to Protect Message Bases (Was Re: PC-cillin and TB!) mid:[EMAIL PROTECTED] Symantec will never offer a plug-in for TB. Because of TB's relatively small user base, Symantec would have no economic incentive for a plug-in. (Now, if we could just find a way to increase drastically the number of people who use TB...!) Also, Symantec's e-mail scanner is designed differently from those from companies that provide a plugin for The Bat! NAV's scanner is a proxy scanner; it sits between The Bat! and your e-mail server examining all traffic between the two. That Bat! plugins scan each message as it is downloaded by The Bat! NAV's scanner works for all e-mail clients. The Bat! plugins only work for The Bat! -- Chris Quoting when replying to this message is good for your karma. Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 2 Accessing a POP3 mailbox. Minds are like parachutes - they only function when open. pgpBULBwmY6OA.pgp Description: PGP signature Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Mica, Saturday, November 6, 2004, 7:46:50 PM, you wrote: sending this off-list so people won't think I'm advertising. :-) Yea, that's fine. :grin: Oh my gosh... And hiding a good product which might be of benefit for TB users. Fine too. :grin: I just forgot to delete the first phrase when I decided to send the message to the list rather than PM... because I didn't want to hide the good product. :-) -- Best regards, Alexandermailto:[EMAIL PROTECTED] Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Alexander, Saturday, November 6, 2004, 5:33:57 PM, you wrote: My mistake, somewhere in between the mails I started mixing things up. I did not mean TB's messagebase, but a unix messagebase (plain text format), or a .eml | .msg attachment (when exported). Those are usually covered with the archive support of virus scanners (at least mine does it that way, I can switch off the checking of mail archives however, for it is a lengthy process to decode all attachments). My virus scanner also checks TB's messagebase format (I'm using GData AVK, it contains the KAV and the BitDefender engine) and does find messages with malicious attachments that way - I don't know if thats a special feature of GData's AVK or if this is part of either the KAV or BD engine. It means that it checks plain text files. Because that's what *.tbb files are - at least in v2. -- Best regards, Andre The Bat! v2.12.00 on Suse Linux 9.1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Andre Wichartz everyone else 07-Nov-2004 12:08, you wrote: It means that it checks plain text files. Because that's what *.tbb files are - at least in v2. My .tbb files are definitely not plain text files, I just checked... they contain some sort of header information starting with hex code... -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.5 on Windows XP Pro Service Pack 2 I wish I didn't know now what I didn't know then. (Bob Seger) Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hello all, Sunday, November 7, 2004, Alexander S. Kunz wrote: It means that it checks plain text files. Because that's what *.tbb files are - at least in v2. My .tbb files are definitely not plain text files, I just checked... they contain some sort of header information starting with hex code... TBB files are stored in binary format and TB checks CRC when is loaded. So if will any antivirus try to remove such part of this file, it can corrupt it. -- Bye Marek Mikus Czech support of The Bat! http://www.thebat.cz Using the best The Bat! 3.0.2.5 under Windows XP 5.1 Build 2600 Service Pack 1 Notebook Acer, Pentium4-M 2.2 GHz, 512 MB RAM, ADSL line Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Marek Mikus everyone else 07-Nov-2004 16:03, you wrote: TBB files are stored in binary format Do you happen to know since when that is the case, as Andre mentioned v2 stores them as plain text... I don't really know. -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.5 on Windows XP Pro Service Pack 2 There was never an idea started that woke men out of their stupid indifference but its originator was spoken of as a crank. -- Oliver Wendell Holmes Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hello all, Sunday, November 7, 2004, Alexander S. Kunz wrote: TBB files are stored in binary format Do you happen to know since when that is the case, as Andre mentioned v2 stores them as plain text... I don't really know. TB never stored msgbases in plain text format like Netscape (Unix mailbox). There were two formats of msgbases, first was used until 1.41 version, actually used format was introduced in 1.42 version and is the same until 3.x. -- Bye Marek Mikus Czech support of The Bat! http://www.thebat.cz Using the best The Bat! 3.0.2.5 under Windows XP 5.1 Build 2600 Service Pack 1 Notebook Acer, Pentium4-M 2.2 GHz, 512 MB RAM, ADSL line Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Marek, Sunday, November 7, 2004, 4:12:33 PM, you wrote: TB never stored msgbases in plain text format like Netscape (Unix mailbox). There were two formats of msgbases, first was used until 1.41 version, actually used format was introduced in 1.42 version and is the same until 3.x. All I know is that I can easily open and read them with a texteditor like vi or xedit. -- Best regards, Andre The Bat! v2.12.00 on Suse Linux 9.1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Sat, 6 Nov 2004, @ @ at 17:33:57 +0100, when Alexander S. Kunz wrote: My virus scanner also checks TB's messagebase format (I'm using GData AVK, it contains the KAV and the BitDefender engine) and does find messages with malicious attachments that way - I don't know if thats a special feature of GData's AVK or if this is part of either the KAV or BD engine. I don't know. Anyway, if it finds such attachments in the such mail-base form then it only can be good. Try this and see yourself. Put a virus file as an attachment in a new message, save it in Outbox, and scan the respective TBB file/the message base. Will show nothing. Check directly out the attachment in TB, and AV will react. I don't even get that far because the scanner catches the .tmp file with the virus... because I haven't excluded the folder where TB puts its .tmp files... :-} Of course, for a such test, an AV dog firstly has to be disabled, no?. (-; Then you place the infected file where you want, and then you enable the AV again. (-: I have to throw some turkey slices (from my Candy freezer I bought for about 250 Euros, for my winter [Native] American turkeys, instead Win XP, after I had tried it for a month or so) on the grill now. Hungry. (: You are welcome to participate. (-: Thanks for the offer *g*. That would mean travelling to Serbia if I'm not guessing all wrong, and I fear it would be a little bit too far to arrive in time for dinner. :-) Yes, you remembered good. (: The freezer (I mean my Candy freezer I bought for about 250 Euros, for my winter [Native] American turkeys, instead Win XP, after I had tried it for a month or so) is in New Belgrade. I don't know the speed of Danube, but if you'd use its current you'd come very near my home. (-: OK, then, some other time. (: - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast o [Earth LOG: 67 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux, and with Bochs 2.1.1 with a small DLX Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP SIGNATURE- iD8DBQFBjnMc9q62QPd3XuIRAsOaAJ4tiXvLIW1okM9/6NYDbIH7lAwsqgCffWjd VuobuKAwAH1Gdj0J1Nmu5iY= =mVfC -END PGP SIGNATURE- Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Sat, 6 Nov 2004, @ @ at 19:16:05 +0100, when Alexander S. Kunz wrote: Hello Pat, sending this off-list so people won't think I'm advertising. :-) Yea, that's fine. :grin: And hiding a good product which might be of benefit for TB users. Fine too. :grin: - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast o [Earth LOG: 66 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP SIGNATURE- iD8DBQFBjRwY9q62QPd3XuIRAsUpAJ9+ye113pAf0C9hBRKZvEBKo1eX2gCglje0 kUke1b4EaUaEIkPtjjh/MqA= =dbcZ -END PGP SIGNATURE- Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Andre, On Sun, 7 Nov 2004 16:56:35 +0100 GMT (07/11/2004, 22:56 +0700 GMT), Andre Wichartz wrote: TB never stored msgbases in plain text format like Netscape (Unix mailbox). AW All I know is that I can easily open and read them with a texteditor like AW vi or xedit. Just opened such a file with VIM. There seems to be a block of formatting charaters at the beginning of the file, and then again between the mails or so. I think that means it is not a plain-text file, even though much of it is readable. Compare this with a unix mailbox, and you see what is meant. .TBB files are archives. Change the extension to .UUE and then open them as usual in Total Commander - suddenly everything is much clearer. ;-) -- Cheers, Thomas. Kripo greift zu: Uber hundert Einbruche gehen auf ihr Konto. * Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Alexander, On Sat, 6 Nov 2004 19:16:05 +0100 GMT (07/11/2004, 01:16 +0700 GMT), Alexander S. Kunz wrote: ASK sending this off-list so people won't think I'm advertising. :-) I guess you are advedrtising folder templates. ;-) -- Cheers, Thomas. Durch Trockenheit steht Landwirten das Wasser bis zum Hals. * Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Mica again everyone else 05-Nov-2004 21:54, you wrote: One of such ones is AntiVir (Personal Edition, which is free) I use ...OTOH it is very heavy on the online updates (I never saw an update What is heavy for a broadband user? I just downloaded newest version of ~4,5 MB, for some 25 minutes on *dial-up*. Well, if you don't mind - its OK. I wouldn't like it, even though I'm on a DSL. :) The whole update process is a bit uncomfortable. You download the complete installation archive at least twice a month. My AV does all that in the background without my interaction. But it isn't free, so thats the deal maybe. :-) If I would try to update it online it would disconnect me countless times, or connection will drop in coma, the equal number of times, without possibility of resuming so I'd probably have to bequeath this online update to my progeny, using such a method. Yes, their update servers are overloaded very often... which is perfectly understandable because they preserve their bandwidth for their paying home business users. And above all, I would have firstly to *provide* some progeny. You must admit, therefore, that what you subtly foreshadow has no all pros and cons modestly equilibrated. (Today, we are string walkers.) My expectations are different that yours, thats all. I want easy slim automatic updates without wading into the depths of the program, activating some scheduler adding an event to it to get them automatically first place, and all that... it must be easy for the end user. You're an experienced end-user and you don't care to be bothered by long downloads and manual updates. Thats OK, but there's others who don't think like you. There are plenty of good AV programs Actually, there are not. :) Usually less than 50% of tested AV software reach 100% detection rate... I wholelungsly suspect that even ONE AV on this beautiful world in this part of galaxy can do that. What we read in newspapers mainly does not exist. So you rely on vague statements like there are plenty of good AV programs made on some mailing list? I prefer programs to be tested in an equal environment... that environment may be different with each test, but it shows performers and non-performers. Encrypted channels? What's that? Teach me. Please. (: Using an SSL-encrypted POP3 or IMAP connection to your mailserver for security and/or privacy reasons. Btw, once a single message is in a message base (files TBB) no AV will be able to recognize any virus, since all of them (if attachments are stored in same file) are then in plain text format. (-; Catch-22. Actually, it would be pretty bad for a virus scanner to not recognize base64 or uu-encoded inline attachments in a message(base). Most do. -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.4 Rush on Windows XP Pro Service Pack 2 Deliplayer2 is playing: Impossible Lands by Entheogenic from the album '3D Vision Relax Module 01' Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello P.Johnson, On Thu, 4 Nov 2004 17:03:59 -0600 GMT (05/11/2004, 06:03 +0700 GMT), P.Johnson wrote: PJ I'm getting a new computer and want to get the best firewall and virus PJ protection I can, and have been looking at Trend Micro PC-cillin PJ Internet Security. I am wondering if any TB! users have tried this PJ suite; and more generally, if there has to be specific compatibility PJ between email programs and virus software. I am using PC-Cillin and TB. Problem 1: There is no plug-in. This means that every time a virus comes, the email will not be imported into TB, as the initial bat*.tmp file will be arrested by the PCC realtime scan, and the infected mail will be downloaded each time again (and the *.tmp file arrested so the mail cannot be imported into TB) until I delete it manually from the server. There probably is a way to exclude *.tmp files from scanning, but what then is the purpose? The infected mails will still be imported into TB, but now PCC will arrest the whole folder when I try to open it! Had some funny disappearing all mails in a folder issues over that a few years back. So I decided to disable the realtime scan, and I manually scan any suspicious attachments before I open them. Problem 2: PCC (since it has no plug-in for TB) will not be able to scan mails that come in via secured connection. So the infected mails will be received by TB anyway. Again, no point. At home, I am comfortable with scanning attachments manually. Most malware can be identified by sight anyway. In the office, the AV scan is server-side. That's much better, IMHO. PJ We have no answer to this question for now but you may try using your PJ software but please enable the webmail scan feature. I do not know what the webmail scan feature would have to do with this. -- Cheers, Thomas. Drink wet cement: Get Stoned. Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
On Saturday, November 06, 2004 at 9:22:01 AM [GMT -0500], Thomas Fernandez wrote: I am using PC-Cillin and TB. Problem 1: There is no plug-in. This means that every time a virus comes, the email will not be imported into TB, as the initial bat*.tmp file will be arrested by the PCC realtime scan, and the infected mail will be downloaded each time again (and the *.tmp file arrested so the mail cannot be imported into TB) until I delete it manually from the server. There probably is a way to exclude *.tmp files from scanning, but what then is the purpose? It's not all the time that real-time scanning and locking of files is a good thing. This is why decent AV programs will support the exclusion of objects, filetypes and directories from realtime scanning. You can safely prevent the scanning of TB! temp files since the virus will be caught later. The infected mails will still be imported into TB, but now PCC will arrest the whole folder when I try to open it! In this case, I'd exclude the TB! directory from realtime scanning. I have done so here, even though I'm yet to experience that horrid effect. Had some funny disappearing all mails in a folder issues over that a few years back. So I decided to disable the realtime scan, and I manually scan any suspicious attachments before I open them. Couldn't you just exclude the TB! installation and mail directories from scanning as well as the bat tmp files? There's really nothing else to exclude. Problem 2: PCC (since it has no plug-in for TB) will not be able to scan mails that come in via secured connection. So the infected mails will be received by TB anyway. Again, no point. This is assuming you use an encrypted connection. If you don't, then excluding the temp files and the TB! directory from realtime scanning, as well as enabling mail scanning should prevent the locking of temp files and entire mailbases while checking mail as they come in. I assume PCCillin has a mailscanner. I'm also assuming PC-Cillin allows file and directory exlusions from realtime and manual scans. If PC-Cillin doesn't allow this flexibility, then I'd certainly not recommend it as a solution. There are too many decent scanners out there to choose from and which all allow that flexibility. At home, I am comfortable with scanning attachments manually. Most malware can be identified by sight anyway. In the office, the AV scan is server-side. That's much better, IMHO. Manual scanning can be tedious, but we get accustomed to a lot. Afterall, some find having to worry about viruses at all to be rather tedious. :) -- -= Allie =- . Fraud(n): A telephone number starting with 1-900 __ Using The Bat! v3.0.2.5 for IMAP mail IMAP Server: MDaemon Pro | OS: Windows XP Pro (Service Pack 2) Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Sat, 6 Nov 2004, @ @ at 09:57:05 +0100, when Alexander S. Kunz wrote: What is heavy for a broadband user? I just downloaded newest version of ~4,5 MB, for some 25 minutes on *dial-up*. Well, if you don't mind - its OK. I wouldn't like it, even though I'm on a DSL. :) That's why they call you Alexander and me Mica. (-: And I like this. In both directions. Otherwise would be boring. The whole update process is a bit uncomfortable. You download the complete installation archive at least twice a month. Yep. Something like this. And for me is not uncomfortable, until I can resume download (but using this way it almost never happens that connection is interrupted for those 20-30 minutes; I don't know why...). My AV does all that in the background without my interaction. There you see. While I *like* to interact with the contraption. (: But it isn't free, so thats the deal maybe. :-) Yep. It is, of course, and often, and especially in the world of software. The fact is that the price does not guarantee any quality. If it would be different, I wouldn't buy a Candy freezer for my winter (Native) American turkeys for about 250 Euros, instead Win XP, after I had tried it for a month or so. (-: Man, the freezer is of 110 liters and is full of turkeys (just two of them). I have a winter food, something I can *remember*, and enjoy in. Investing, that way, in software is very risky. And often silly. If I would try to update it online it would disconnect me countless times, or connection will drop in coma, the equal number of times, without possibility of resuming so I'd probably have to bequeath this online update to my progeny, using such a method. Yes, their update servers are overloaded very often... which is perfectly understandable because they preserve their bandwidth for their paying home business users. Hmm... IMO, *no* AV is that good that should be paid for. And above all, I would have firstly to *provide* some progeny. You must admit, therefore, that what you subtly foreshadow has no all pros and cons modestly equilibrated. (Today, we are string walkers.) My expectations are different that yours, thats all. I want easy slim automatic updates without wading into the depths of the program, activating some scheduler adding an event to it to get them automatically first place, and all that... it must be easy for the end user. You're an experienced end-user and you don't care to be bothered by long downloads and manual updates. Thats OK, but there's others who don't think like you. I am all the time aware of it. (: That's the reason we exchange our experiences and each person can choose and apply the preferred way. There are plenty of good AV programs Actually, there are not. :) Usually less than 50% of tested AV software reach 100% detection rate... I wholelungsly suspect that even ONE AV on this beautiful world in this part of galaxy can do that. What we read in newspapers mainly does not exist. So you rely on vague statements like there are plenty of good AV programs made on some mailing list? :) Quite contrarily, this statement of mine, I exposed on a mailing list, comes from experience I had with AV programs, which I rely on. I prefer programs to be tested in an equal environment... that environment may be different with each test, but it shows performers and non-performers. Agree. That's the experience. Encrypted channels? What's that? Teach me. Please. (: Using an SSL-encrypted POP3 or IMAP connection to your mailserver for security and/or privacy reasons. Ah, that. OK. Thanks. Btw, once a single message is in a message base (files TBB) no AV will be able to recognize any virus, since all of them (if attachments are stored in same file) are then in plain text format. (-; Catch-22. Actually, it would be pretty bad for a virus scanner to not recognize base64 or uu-encoded inline attachments in a message(base). Most do. KAV couldn't, NOD-32 couldn't, PC-Sillyn couldn't, F-prot couldn't... Try this and see yourself. Put a virus file as an attachment in a new message, save it in Outbox, and scan the respective TBB file/the message base. Will show nothing. Check directly out the attachment in TB, and AV will react. I have to throw some turkey slices (from my Candy freezer I bought for about 250 Euros, for my winter [Native] American turkeys, instead Win XP, after I had tried it for a month or so) on the grill now. Hungry. (: You are welcome to participate. (-: - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast :happypiglet: [Earth LOG: 66 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP SIGNATURE-
Re: PC-cillin and TB!
Hello Allie, On Sat, 6 Nov 2004 09:54:31 -0500 GMT (06/11/2004, 21:54 +0700 GMT), Allie Martin wrote: Problem 1: There is no plug-in. This means that every time a virus comes, the email will not be imported into TB, as the initial bat*.tmp file will be arrested by the PCC realtime scan, a AM Couldn't you just exclude the TB! installation and mail directories from AM scanning as well as the bat tmp files? There's really nothing else to AM exclude. Yes, I could. In fact, I excluded all file extensions by just turning off the darned realtime scan. But the question was about TB and PCC, and if the solution is to exclude the tmp files and the TB directory from realtime scan, the question must be answered as useless combination. Problem 2: PCC (since it has no plug-in for TB) will not be able to scan mails that come in via secured connection. So the infected mails will be received by TB anyway. Again, no point. AM This is assuming you use an encrypted connection. If you don't, then AM excluding the temp files and the TB! directory from realtime scanning, [...] Yes, this is a second scenario. This way, PCC won't stop the malware at the tmp level, and won't arrest the folders. In fact, it would not interact with TB at all. Which is what was said above. At home, I am comfortable with scanning attachments manually. Most malware can be identified by sight anyway. In the office, the AV scan is server-side. That's much better, IMHO. AM Manual scanning can be tedious, but we get accustomed to a lot. An AV program with a TB plug-in would filter the infected mails to a quarantine folder within TB, where you could do with them what you want. In my case, delete them all (except for that test message with Eicar), but it's in any case more convenient than manual scanning. AM Afterall, some find having to worry about viruses at all to be rather AM tedious. :) Do they know how tedious it is to reinstall everything from backup? ;-) -- Cheers, Thomas. Um zu antworten, bitte die From-Zeile mit ROT13 bearbeiten. Danach mit MD5 hashen, zeichenweise den ASCII-Code um 2 erhoehen (mod 57) und erneut um 63 erhoehen. Dann mit der urspruenglichen Adresse x-oren. Schliesslich am Ergebnis erfreuen und so antworten wie gewohnt. Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
On Saturday, November 06, 2004 at 10:29:17 AM [GMT -0500], Thomas Fernandez wrote: Yes, I could. In fact, I excluded all file extensions by just turning off the darned realtime scan. But the question was about TB and PCC, and if the solution is to exclude the tmp files and the TB directory from realtime scan, the question must be answered as useless combination. If you exclude the TB! directory and temp files, then still enabling the realtime scan wouldn't be a useless combination. Attempting to open or save an infected attachment to disk would trigger the realtime scanner. That's better than a completely manual approach. It's not useless. Yes, this is a second scenario. This way, PCC won't stop the malware at the tmp level, and won't arrest the folders. In fact, it would not interact with TB at all. Which is what was said above. Yes. Interacting with TB!'s operations creates problems. This is why mailscanning is offered by mose scanners today. It checks the mail *before* TB! starts interacting with it. Scanners shouldn't interfere once TB! begins handling the mail. Unless a plugin is doing the interacting and TB! controls what's happening via the plugin. An AV program with a TB plug-in would filter the infected mails to a quarantine folder within TB, where you could do with them what you want. In my case, delete them all (except for that test message with Eicar), but it's in any case more convenient than manual scanning. Yes. IMO, in order of effectiveness and convenience: - using plugin when available with non-specific mail scanning support disabled. - if no plugin available, and you're not using an encrypted protocol, mail scanning while excluding the TB! directory and temp files from scanning. - if no plugin available and you're using an encrypted connection, then disable non-specific mail scanning support, and exclude the TB! directories and temp file. Keep the realtime scanner running. AM Afterall, some find having to worry about viruses at all to be rather AM tedious. :) Do they know how tedious it is to reinstall everything from backup? ;-) I'm referring to those who don't have to worry about viruses, like Mac and Linux users. -- -= Allie =- . No good deed goes unpunished - Clare Booth Luce __ Using The Bat! v3.0.2.5 for IMAP mail IMAP Server: MDaemon Pro | OS: Windows XP Pro (Service Pack 2) Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Mica Mijatovic everyone else 06-Nov-2004 16:20, you wrote: Actually, it would be pretty bad for a virus scanner to not recognize base64 or uu-encoded inline attachments in a message(base). Most do. KAV couldn't, NOD-32 couldn't, PC-Sillyn couldn't, F-prot couldn't... My mistake, somewhere in between the mails I started mixing things up. I did not mean TB's messagebase, but a unix messagebase (plain text format), or a .eml | .msg attachment (when exported). Those are usually covered with the archive support of virus scanners (at least mine does it that way, I can switch off the checking of mail archives however, for it is a lengthy process to decode all attachments). My virus scanner also checks TB's messagebase format (I'm using GData AVK, it contains the KAV and the BitDefender engine) and does find messages with malicious attachments that way - I don't know if thats a special feature of GData's AVK or if this is part of either the KAV or BD engine. Try this and see yourself. Put a virus file as an attachment in a new message, save it in Outbox, and scan the respective TBB file/the message base. Will show nothing. Check directly out the attachment in TB, and AV will react. I don't even get that far because the scanner catches the .tmp file with the virus... because I haven't excluded the folder where TB puts its .tmp files... :-} I have to throw some turkey slices (from my Candy freezer I bought for about 250 Euros, for my winter [Native] American turkeys, instead Win XP, after I had tried it for a month or so) on the grill now. Hungry. (: You are welcome to participate. (-: Thanks for the offer *g*. That would mean travelling to Serbia if I'm not guessing all wrong, and I fear it would be a little bit too far to arrive in time for dinner. :-) -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.4 Rush on Windows XP Pro Service Pack 2 Deliplayer2 is playing: The Last Laugh by Mark Knopfler from the 2000 album 'Sailing to Philadelphia' Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Allie, On Sat, 6 Nov 2004 11:03:23 -0500 GMT (06/11/2004, 23:03 +0700 GMT), Allie Martin wrote: AM If you exclude the TB! directory and temp files, then still enabling the AM realtime scan wouldn't be a useless combination. Attempting to open or AM save an infected attachment to disk would trigger the realtime scanner. AM That's better than a completely manual approach. It's not useless. OK, I didn't think about the opening right out of TB, because I don't do that anymore. But you are right, changing my habits would make things even easier this way. AM IMO, in order of effectiveness and convenience: Agreed. I'll wait for that plug-in for PCC though, because it is a very good virus and trojan scanner. Do they know how tedious it is to reinstall everything from backup? ;-) AM I'm referring to those who don't have to worry about viruses, like Mac AM and Linux users. I misunderstood. I thought you were talking about Windows users who don't use any such protection at all, causing all of us receiving the malware over and over again. -- Cheers, Thomas. Things You Would Never Know Without the Movies: Every time a person turns on the television to see the news, he instantly sees what he wants and what concerns him. Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
On Saturday, November 06, 2004 at 11:22:52 AM [GMT -0500], Thomas Fernandez wrote: Agreed. I'll wait for that plug-in for PCC though, because it is a very good virus and trojan scanner. That requires some assistance and commitment from the PC-Cillin producers. Are they interested in a plugin for TB!? -- -= Allie =- . Shotgun wedding: a case of wife or death. __ Using The Bat! v3.0.2.5 for IMAP mail IMAP Server: MDaemon Pro | OS: Windows XP Pro (Service Pack 2) Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Allie, On Sat, 6 Nov 2004 11:56:32 -0500 GMT (06/11/2004, 23:56 +0700 GMT), Allie Martin wrote: AM That requires some assistance and commitment from the PC-Cillin AM producers. Are they interested in a plugin for TB!? I have no idea. -- Cheers, Thomas. Ever notice that PRICE and WORTH mean the same thing, but priceless and worthless are opposites? -- Jay Trachman Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hello Alexander, On Saturday, November 6, 2004, 11:49 AM, [EMAIL PROTECTED] wrote: ... ASK Well, if you don't mind - its OK. I wouldn't like it, even though I'm on a ASK DSL. :) The whole update process is a bit uncomfortable. You download the ASK complete installation archive at least twice a month. My AV does all that ASK in the background without my interaction. But it isn't free, so thats the ASK deal maybe. :-) If I would try to update it online it would disconnect me countless times, or connection will drop in coma, the equal number of times, without possibility of resuming so I'd probably have to bequeath this online update to my progeny, using such a method. ... ASK My expectations are different that yours, thats all. I want easy slim ASK automatic updates without wading into the depths of the program, activating ASK some scheduler adding an event to it to get them automatically first ASK place, and all that... it must be easy for the end user. Can I ask what AV program you are using? -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Pat, sending this off-list so people won't think I'm advertising. :-) 06-Nov-2004 18:52, you wrote: Can I ask what AV program you are using? Sure. Its the GData AntiVirusKit from http://www.gdatasoftware.com (this is their english page, the german page is http://www.gdata.de - its more recent, already lists the new 2005 versions of their security products) The program utilizes the Kaspersky and BitDefender engines, GData made the GUI and additional components like POP3 scanner and (*sigh*) MS Outlook plugin for it. I just saw they're not offering trial version downloads on the english page, and they trial versions on the german page only come with german GUI... *sigh2* -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.4 Rush on Windows XP Pro Service Pack 2 Deliplayer2 is playing: Coyote by Mark Knopfler Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello P.Johnson, On Sat, 6 Nov 2004 11:49:12 -0600 GMT (07/11/2004, 00:49 +0700 GMT), P.Johnson wrote: PJ Thanks Thomas, your comments have really helped. You're welcome. -- Cheers, Thomas. Things You Would Never Know Without the Movies: Most laptop computers are powerful enough to override the communication systems of any invading alien civilization. Message reply created with The Bat! 3.0.2.4 Rush under Chinese Windows 98 4.10 Build A Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello P.Johnson, Friday, November 5, 2004, 12:03:59 AM, you wrote: I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. Do you have a reason to look at this specific product? As for Antivirus Software - the Kaspersky Labs Antivirus has repeatedly won quite some tests, its the AV solution I'd go for if I already wouldn't use another product (which uses the Kasperky AV engine *g*). AFAIK there's a Kaspersky AV plugin available for TheBat - this has a couple of advantages: you don't need to use a local proxy or POP scanner, you can exclude TB's mail dir from the filesystem realtime protection (and thus won't have the AV program possibly lock out TB from its own database, and it will increase the speed of TB as well). that sort of thing. Firewall - well, the best firewall is air. The air thats between the plug and the socket when you pull the cable of your internet connection. :) OK, joking aside... the personal firewall that runs on the very same machine it should protect is subject to lengthy discussions for a while. However, I do see a benefit from using this kind of software, so here's my two cents: There's two ways to look at a firewall - #1 control whats going *IN* to your computer, and #2 control what wants to go *OUT* from your computer (which programs want to phone home, that sort of thing). #1 is the real security issue, and the built-in firewall of Win XP (SP2) is good enough for that, period. #2 is a privacy issue - and you'll need a separate product for that. There's a couple of freeware personal firewall solutions, and I would use one of them (Tiny Personal Firewall, Sygate, Outpost...). HTH -- Best regards, Alexandermailto:[EMAIL PROTECTED] Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Thu, 4 Nov 2004, @ @ at 17:03:59 -0600, when P.Johnson wrote: Hello, I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. On the Trend site, under System Requirements, email, The Bat! is not listed. I asked whether PC-cillin would scan my TB! mail, and got this reply: We have no answer to this question for now but you may try using your software but please enable the webmail scan feature. If you experience any problems, please do not hesitate to write us. Hope this helps. Hmmm. Yah. You simply could try some AV which is not at all specifically tied/dedicated to e-mail traffic; simply an engine which will treat ALL sorts of activities in the same way, controlling *everything* what happens to your machine - *including* mail traffic (without any need for a dedicated plug-in). One of such ones is AntiVir (Personal Edition, which is free) I use often, and it (the Guard part of it) will react on ANY occurrence which involves a suspicious file/action. It is *very light* in spending resources whilst it monitors machine. And although I have pretty tight selective download filters, here and there AntiVir is catching some infected file, and asks me for action I'd prefer (renaming, deleting, denying/allowing access etc.). It does that very fast, so you can proceed download of other messages of that account, on the fly. It will react even if just a single *component* used for building a viruses, trojans etc. is found in a file, warning you about possible hazard such file can cause. (The example is when a program for revealing passwords is shown in a file manager; such program is NOT a virus/trojan, but has some components used for building them. Another example are shareware programs having components for phoning home, etc.) There are plenty of good AV programs, so is not very grateful to say which one is best, but basically those which are able to function independently, that is to treat all files/occurrences equally, using no special plug-in (which requires some sort of integration with a particular application, which, further, might be a cause of possible complications), are most reliable. - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast :flagmica: [Earth LOG: 65 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP SIGNATURE- iD8DBQFBi33K9q62QPd3XuIRAvOlAJ9wyZXts8/6EV6MmKMLPQSihTq1CQCgiNOJ QuWZ1sQnaijGpiK5nx3rMgA= =Kc4Q -END PGP SIGNATURE- Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello WilWilWil! On Thursday, November 04, 2004, 6:15 PM, you wrote, in part: W I had the same problem when testing KAV personal Pro 5 with TB3 ! W TB3 froze because KAV blocked some TB databases files. It was very W annoying. That why I 've chosen AVG 7. Now viruses are great W managed and moved to quarantine without perturbation. There's been a thread on tbbeta about the incompatibility of Kaspersky versions 5.xx with TB! versions 3.xx. This was in early to mid-October, 2004. Kaspersky and TB! are no longer compatible--the plug-in to TB! will not be further developed to make it compatible, according to this thread, in which some of the RitLabs programmers partcipated. -- Best regards, Mary The Bat! 3.0.2.4 Rush on Windows XP 5.1 2600 Service Pack 2 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hello, Mary. Kaspersky and TB! are no longer compatible As I heard TheBat can work with KAV 4,5 - 5 (Personal) via new plug-in klav 4.0.1.19 http://www.thebatworld.de/modules/download/index.php?op=viewlinkdetailslid=44ttitle=Kaspersky_Pro_AV_Plugin_4.0.1.19_%28KAV_4.x%2F5.x%29 http://www.batboard.net/index.php?showtopic=2516st=0 -- Best regards, Ivan Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Anti-Virus Programs that work with TB! [was Re: PC-cillin and TB!]
Hello Ivan! On Friday, November 05, 2004, 8:35 AM, you wrote: MB Kaspersky and TB! are no longer compatible I As I heard TheBat can work with KAV 4,5 - 5 (Personal) I via new plug-in klav 4.0.1.19 I http://www.thebatworld.de/modules/download/index.php?op=viewlinkdetailslid=44ttitle=Kaspersky_Pro_AV_Plugin_4.0.1.19_%28KAV_4.x%2F5.x%29 I http://www.batboard.net/index.php?showtopic=2516st=0 Is it not still in the testing phase? (Second URL). One work-around told on tbbeta was to install the KAV 4.xx plug-in on TB! v. 2.xx and then upgrade to TB! v. 3.xx, in which case the KAV 4.xx plug-in is conserved. Seems like a lot of trouble, when AVG is still a viable (with a free option) alternative, and when F-Secure 2005 works perfectly with TB! with no plug-in. (I'm using F-Secure--but I have no interest in the company beyond being a customer. :) ) -- Best regards, Mary The Bat! 3.0.2.4 Rush on Windows XP 5.1 2600 Service Pack 2 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hello Leo, On Thursday, November 4, 2004, 10:11 AM, [EMAIL PROTECTED] wrote: I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. LL I have a Trend Micro Office Suite mandatory at work, including the laptop LL which runs The Bat (1.x) for my private mail. I receive a lot of spam, and LL some of it is virus-infected. The problem is, that when the Bat stores LL this virus attachment on disk, the OfficeScan pops up saying it's a virus. LL For some reason TheBat cannot continue operation (I guess because LL OfficeScan takes over the file for quarantine or smth), and the message is LL not deleted on the server. This means that every 5 minutes (my polling LL period) I get this message and have to delete the e-mail manually on the LL server. So TB mail is scanned; but Trend then is alerted to the virus which TB has isolated. Not good. I wonder if there would be any difference in the Home edition, and with TB v3.x. Thanks for the information! -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: PC-cillin and TB!
Hello WilWilWil, On Thursday, November 4, 2004, 10:16 AM, [EMAIL PROTECTED] wrote: LL ...The problem is, that when the Bat stores LL this virus attachment on disk, the OfficeScan pops up saying it's a virus. LL For some reason TheBat cannot continue operation (I guess because LL OfficeScan takes over the file for quarantine or smth), and the message is LL not deleted on the server. This means that every 5 minutes (my polling LL period) I get this message and have to delete the e-mail manually on the LL server. W...I had the same problem when testing KAV personal Pro 5 with TB3 ! W TB3 froze because KAV blocked some TB databases files. It was W very annoying. That why I 've chosen AVG 7. Now viruses are great W managed and moved to quarantine without perturbation. W And for firewall I use Kerio Personal Firewall 4. It's free and W work well with my system (AVG / Ad-Aware 6 / TB3). I currently use ZA Pro and AVG free and am not 100% happy with either. I'll have a look at Kerio. Thanks for your help. -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hi Alexander, On Friday, November 5, 2004, 10:55 AM, [EMAIL PROTECTED] wrote: I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. ASK Do you have a reason to look at this specific product? I read a very good review of the product; also wanted to try a bundled virus/firewall. ASK AFAIK there's a Kaspersky AV plugin available for TheBat - Yes, I visited the Kaspersky site and there is a plugin available. ASK Firewall - well, the best firewall is air. The air thats between the ASK plug and the socket when you pull the cable of your internet ASK connection. :) Pull the... cable?? Disconnect??? ASK OK, joking aside... Whew. :-)) ASK the personal firewall that runs on the very same ASK machine it should protect is subject to lengthy discussions for a ASK while. However, I do see a benefit from using this kind of software, ASK so here's my two cents:... ASK #1 is the real security issue, and the built-in firewall of Win XP ASK (SP2) is good enough for that, period. #2 is a privacy issue - and ASK you'll need a separate product for that. There's a couple of freeware ASK personal firewall solutions, and I would use one of them (Tiny ASK Personal Firewall, Sygate, Outpost...). Yes, I was hoping to install something like the PC-cillin suite and not have to go shopping. Oh well! Thanks very much for your comments. -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hi Mary, On Thursday, November 4, 2004, 11:01 AM, [EMAIL PROTECTED] wrote: PJ I'm getting a new computer and want to get the best firewall and PJ virus protection I can, MB Pat, I have had no problems with F-Secure. MB http://www.f-secure.com/ There are so many! ... but as I said in an earlier post, I was (for some reason) looking for a combination anit-virus/firewall product and f-secure also fits the bill. MB I am using only its AV (it now offers a suite, new this year, with MB firewall) and I have just renewed my license, after one year's use. MB The interface is friendly and it has the advantage of combining 3 MB separate virus-scanning engines. XP SP2 recognizes it. There's no MB plug-in for TB!, but that's not necessary. F-Secure recognizes an MB e-mail infection as it is being downloaded. It recognizes an infected MB file as soon as it's clicked on. MB For my firewall I'm using the free Sygate. Just upgraded to the latest MB one. I like it for its simple user interface, also. Sygate gets good reviews too. MB But WilWilWil has a good set-up, too, with the free anti-virus program MB AVG--which *does* have a plug-in for TB!--and Kerio as firewall. I MB used AVG for about six months. Left it for Kaspersky (KAV), because MB Kaspersky updated more often. I am currently using AVG free version and it seems to work well, though in those comparison charts is not as aggressive as some anti-virus programs. On the other hand, I've been looking at those charts so much I've gone cross-eyed. MB Kaspersky's interface I found quite MB complicated. And it no longer supports The Bat! with a plug-in. Last MB November I moved to F-Secure. It can be set to check automatically for MB updates as often as you like. Virus Definitions are usually updated MB daily, but sometimes more often. The Kaspersky site says there is a plugin for TB!, but did say version 1.x and up, which doesn't exactly build confidence. :-) MB The question of choosing an AV and a firewall to go with TB! comes up MB rather often on tbudl. You might try a search on the Gmane archives MB for more opinions. I know this topic comes up a lot, and really only wanted someone to say PC-cillin works PERFECTLY with The Bat!. But since it doesn't the info I've received has been helpful, and I really am sorry to open up this discussion again. I would insert the appropriate smiley here, but that's another discussion left alone for awhile! :-) --oops. Thanks Mary, for your always helpful comments. -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hi Michael, On Thursday, November 4, 2004, 11:11 AM, [EMAIL PROTECTED] wrote: PJ I'm getting a new computer and want to get the best firewall and virus PJ protection I can, and have been looking at Trend Micro PC-cillin PJ Internet Security. I am wondering if any TB! users have tried this PJ suite; and more generally, if there has to be specific compatibility PJ between email programs and virus software. MR I use Trend OfficeScan, which has the same or similar engine to MR PC-Cillin. I had to manually change my Account Properties so that the MR mail server was 'localhost' and the user was of the format MR 'xxx%domain.com/pop.domain.com'. It's not as integrated as the MR programs that work directly with TheBat! but the other features of the MR product are nice. Did Trend provide instructions for changing your Account Properties? (They sound similar to the changes I made when using SpamPal.) Otherwise, you don't have a problem with OfficeScan shutting down TB!, like Leo did? Still, since the support at Trend was less than helpful, I may have to give the product a pass (that is, a fail :-)). I appreciate your help! -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
Hi Mica, On Friday, November 5, 2004, 11:18 AM, [EMAIL PROTECTED] wrote: I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. On the Trend site, under System Requirements, email, The Bat! is not listed... MM You simply could try some AV which is not at all specifically MM tied/dedicated to e-mail traffic; simply an engine which will treat ALL MM sorts of activities in the same way, controlling *everything* what MM happens to your machine - *including* mail traffic (without any need for MM a dedicated plug-in). That is exactly what I am looking for, but of course want the email scan included, as you say. Plug in not necessary. MM One of such ones is AntiVir (Personal Edition, MM which is free) I use often, and it (the Guard part of it) will react MM on ANY occurrence which involves a suspicious file/action. I haven't heard of this one! MM It is *very MM light* in spending resources whilst it monitors machine. That I like very much. MM And although I MM have pretty tight selective download filters, here and there AntiVir is MM catching some infected file, and asks me for action I'd prefer MM (renaming, deleting, denying/allowing access etc.). It does that very MM fast, so you can proceed download of other messages of that account, on MM the fly. ...as long as you don't have to be too techie to run the software efficiently? MM There are plenty of good AV programs, so is not very grateful to say MM which one is best, but basically those which are able to function MM independently, that is to treat all files/occurrences equally, using MM no special plug-in (which requires some sort of integration with a MM particular application, which, further, might be a cause of possible MM complications), are most reliable. Yes I think you are right; sometimes the convenience of a plug in turns out to be a major headache instead, and needless since most virus programs will scan without the integration. Thank you very much, Mica! -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Mica Mijatovic everyone else 05-Nov-2004 14:19, you wrote: One of such ones is AntiVir (Personal Edition, which is free) I use often, and it (the Guard part of it) will react on ANY occurrence which involves a suspicious file/action. It is *very light* in spending resources whilst it monitors machine. ...OTOH it is very heavy on the online updates (I never saw an update below 1MB), and the way to set the online update in a way that it will happen automatically is to be found only by the more curious users. There are plenty of good AV programs Actually, there are not. :) Usually less than 50% of tested AV software reach 100% detection rate... so is not very grateful to say which one is best, but basically those which are able to function independently, that is to treat all files/occurrences equally, using no special plug-in (which requires some sort of integration with a particular application, which, further, might be a cause of possible complications), are most reliable. It can be an advantage to have an email plugin, as it is outlined in TB's helpfile, too (search the index for anti-virus): it may detect malware in email that comes via encrypted channels, too, where normal mail scanners fail, for example. In addition, there are antivirus programs which are simply not aware of all email programs and their database files. Imagine an antivirus program that detects a virus signature in a large email folder (where the virus does absolutely no harm) and it quarantines the whole file, or, if the scanner is configured more strict, deletes the whole folder at once. Surprise surprise - all mails gone. My strategy is to completely exclude the mail programs data folders from both the on-access and on-demand scanning, and have the mails scanned separately (if at all, I do not) - if you click on a malicious attachment and try to execute and/or save it, the on-access scanner will catch it, anyway. YMMV -- Best regards, Alexander (http://www.neurowerx.de - ICQ 238153981) using TB! v3.0.2.4 Rush on Windows XP Pro Service Pack 2 A person starts to live when he can live outside himself. -- Albert Einstein Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Fri, 5 Nov 2004, @ @ at 19:43:37 +0100, when Alexander S. Kunz wrote: Hello Mica Mijatovic everyone else Glad to see you. (: 05-Nov-2004 14:19, you wrote: One of such ones is AntiVir (Personal Edition, which is free) I use often, and it (the Guard part of it) will react on ANY occurrence which involves a suspicious file/action. It is *very light* in spending resources whilst it monitors machine. ...OTOH it is very heavy on the online updates (I never saw an update below 1MB), and the way to set the online update in a way that it will happen automatically is to be found only by the more curious users. What is heavy for a broadband user? I just downloaded newest version of ~4,5 MB, for some 25 minutes on *dial-up*. If I would try to update it online it would disconnect me countless times, or connection will drop in coma, the equal number of times, without possibility of resuming so I'd probably have to bequeath this online update to my progeny, using such a method. And above all, I would have firstly to *provide* some progeny. You must admit, therefore, that what you subtly foreshadow has no all pros and cons modestly equilibrated. (Today, we are string walkers.) There are plenty of good AV programs Actually, there are not. :) Usually less than 50% of tested AV software reach 100% detection rate... I wholelungsly suspect that even ONE AV on this beautiful world in this part of galaxy can do that. What we read in newspapers mainly does not exist. There is NO any AV which will catch 100% of anything something. That's the reason I used term good instead perfect, and further, that's the reason why people use more than one AV, for various sorts of (digital) beasts, for the raids from left, right, back... Under... You have to have *strategy*. You cannot just buy a gun and that's all. What's one gun for all of that growing populace. If those beast are so easily scared, we could kill them by frowning. . It can be an advantage to have an email plugin, as it is outlined in TB's helpfile, too (search the index for anti-virus): it may detect malware in email that comes via encrypted channels, too, where normal mail scanners fail, for example. Encrypted channels? What's that? Teach me. Please. (: In addition, there are antivirus programs which are simply not aware of all email programs and their database files. Imagine an antivirus program that detects a virus signature in a large email folder (where the virus does absolutely no harm) and it quarantines the whole file, or, if the scanner is configured more strict, deletes the whole folder at once. Surprise surprise - all mails gone. Surprise, surprise - you didn't follow my exposure. (: Pat, pat. I'll be shameless and will cite myself: ...AntiVir is catching some infected file, and asks me for action I'd prefer (renaming, deleting, denying/allowing access etc.). It does that very fast, so you can proceed download of other messages of that account... ...so you can proceed download of other messages of that account -- other and messages; therefore it intercepts single messages *before* they become a part of any folder or whatever database, if they are of a such fate, therefore before they even *arrive* in TB. So, the suspicious message wants to come in, and AntiVir says: No! Stop! You can't get in since you are suspicious. I have to ask the Boss (it's Me) firstly. And only if I allow that, this single message is entering and is becoming the part of some folder or whatever, by its respective merit. My strategy is to completely exclude the mail programs data folders from both the on-access and on-demand scanning, and have the mails scanned separately (if at all, I do not) - if you click on a malicious attachment and try to execute and/or save it, the on-access scanner will catch it, anyway. YMMV Your strategy is also good, but Miss Pat asked for an AV which will *also* check the incoming mail, when it yet consists from separate single messages, before they become the part of a data folders. She then will have many opportunities to click on them as well. AntiVir can do that too. Btw, once a single message is in a message base (files TBB) no AV will be able to recognize any virus, since all of them (if attachments are stored in same file) are then in plain text format. (-; Catch-22. So, it's good then to keep all attachments separately. *Then* you can check them for viruses successfully, even if they are not open in TB. What are those encrypted channels? Do I have some of these? - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast o [Earth LOG: 65 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP
Re: PC-cillin and TB!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ***^\ ._)~~ ~( __ _o Was another beautiful day, Fri, 5 Nov 2004, @ @ at 11:25:05 -0600, when P.Johnson wrote: MM One of such ones is AntiVir (Personal Edition, MM which is free) I use often, and it (the Guard part of it) will react MM on ANY occurrence which involves a suspicious file/action. I haven't heard of this one! Sorry, I forgot link: www.bedv.com is home page. Also there is info at www.free-av.com, and direct d/l link (I just have installed the newest version) is this: http://www.avup.de/personal/en/avwinsfx.exe Size: 4364KB MM And although I have pretty tight selective download filters, here MM and there AntiVir is catching some infected file, and asks me for MM action I'd prefer (renaming, deleting, denying/allowing access MM etc.). It does that very fast, so you can proceed download of other MM messages of that account, on the fly. ...as long as you don't have to be too techie to run the software efficiently? TB is much more techie. (-: After all, you may try it and see yourself if it fits your needs. (: - -- Mica PGP key uploaded at: http://pgp.mit.edu/ once just before breakfast o [Earth LOG: 65 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -BEGIN PGP SIGNATURE- iD8DBQFBjAQc9q62QPd3XuIRAsBdAJ4lY+2O5lhMBUEJAmjCoEIkwDni2ACeJ3uH 8S7VrWo6YIVG9aGofk7KwuA= =m4LS -END PGP SIGNATURE- Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hi On Friday, 5 November, 2004, at 8:54:35 PM, Mica Mijatovic wrote: So, it's good then to keep all attachments separately. *Then* you can check them for viruses successfully, even if they are not open in TB. from TB help file: Attachments stored separately from message bodies may not get moved between account folders if a message body is moved. Is this still true? -- Best regards, MFPAmailto:[EMAIL PROTECTED] Using The Bat! v2.12.00 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hi On Friday, 5 November, 2004, at 5:10:36 PM, P.Johnson wrote: The Kaspersky site says there is a plugin for TB!, but did say version 1.x and up, which doesn't exactly build confidence. :-) Just for comparison: To install AVG plugin, a version 1.60 (or newer) of The Bat! is required. The previous versions don't contain a support of anti-virus plugins. -- Best regards, MFPAmailto:[EMAIL PROTECTED] Using The Bat! v2.12.00 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
PC-cillin and TB!
Hello, I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. On the Trend site, under System Requirements, email, The Bat! is not listed. I asked whether PC-cillin would scan my TB! mail, and got this reply: We have no answer to this question for now but you may try using your software but please enable the webmail scan feature. If you experience any problems, please do not hesitate to write us. Hope this helps. Hmmm. Thank you! -- Best wishes, Pat A Canadian in Houston Using The Bat! v3.0.1.33 on Windows XP 5.1 Build 2600 Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
On Thu, 4 Nov 2004, P.Johnson wrote: Hello, I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. I have a Trend Micro Office Suite mandatory at work, including the laptop which runs The Bat (1.x) for my private mail. I receive a lot of spam, and some of it is virus-infected. The problem is, that when the Bat stores this virus attachment on disk, the OfficeScan pops up saying it's a virus. For some reason TheBat cannot continue operation (I guess because OfficeScan takes over the file for quarantine or smth), and the message is not deleted on the server. This means that every 5 minutes (my polling period) I get this message and have to delete the e-mail manually on the server. Plus, all our admins receive a virus warning. Hence, I have been asked to remove The Bat. Just my experience - those problems may be obsolete by now. Leo. Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
LL I have a Trend Micro Office Suite mandatory at work, including the laptop LL which runs The Bat (1.x) for my private mail. I receive a lot of spam, and LL some of it is virus-infected. The problem is, that when the Bat stores LL this virus attachment on disk, the OfficeScan pops up saying it's a virus. LL For some reason TheBat cannot continue operation (I guess because LL OfficeScan takes over the file for quarantine or smth), and the message is LL not deleted on the server. This means that every 5 minutes (my polling LL period) I get this message and have to delete the e-mail manually on the LL server. LL Plus, all our admins receive a virus warning. LL Hence, I have been asked to remove The Bat. LL Just my experience - those problems may be obsolete by now. Not so obsolete. I had the same problem when testing KAV personal Pro 5 with TB3 ! TB3 froze because KAV blocked some TB databases files. It was very annoying. That why I 've chosen AVG 7. Now viruses are great managed and moved to quarantine without perturbation. And for firewall I use Kerio Personal Firewall 4. It's free and work well with my system (AVG / Ad-Aware 6 / TB3). I feel well protected. :-) Maybe an illusion... -- WilWilWil :flag-france: TB 3.0.1.33 BayesIt! 0.7.3 Windows XP Service Pack 1 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: PC-cillin and TB!
You might want to try a server based spam/virus filter. At our company we use Sentinare PostGuard www.sentinare.com so that spam/viruses are trapped on the server level, so that they don't waste time/resources downloading and scanning garbage emails. They have a easy web-based quarantine interface in case you need to rescue a message, but it's rare that you have to. They use SpamAssassian and some other filters to get really good accuracy, my account at work is 99.6% accurate. -Jason ===Original message text=== From: Leo Landa [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Thursday, November 4, 2004, 3:58:12 PM Subject: PC-cillin and TB! On Thu, 4 Nov 2004, P.Johnson wrote: Hello, I'm getting a new computer and want to get the best firewall and virus protection I can, and have been looking at Trend Micro PC-cillin Internet Security. I am wondering if any TB! users have tried this suite; and more generally, if there has to be specific compatibility between email programs and virus software. I have a Trend Micro Office Suite mandatory at work, including the laptop which runs The Bat (1.x) for my private mail. I receive a lot of spam, and some of it is virus-infected. The problem is, that when the Bat stores this virus attachment on disk, the OfficeScan pops up saying it's a virus. For some reason TheBat cannot continue operation (I guess because OfficeScan takes over the file for quarantine or smth), and the message is not deleted on the server. This means that every 5 minutes (my polling period) I get this message and have to delete the e-mail manually on the server. Plus, all our admins receive a virus warning. Hence, I have been asked to remove The Bat. Just my experience - those problems may be obsolete by now. Leo. Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html End of original message text=== Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: PC-cillin and TB!
Hello Pat! On Thursday, November 04, 2004, 5:03 PM, you wrote: PJ I'm getting a new computer and want to get the best firewall and PJ virus protection I can, Pat, I have had no problems with F-Secure. http://www.f-secure.com/ I am using only its AV (it now offers a suite, new this year, with firewall) and I have just renewed my license, after one year's use. The interface is friendly and it has the advantage of combining 3 separate virus-scanning engines. XP SP2 recognizes it. There's no plug-in for TB!, but that's not necessary. F-Secure recognizes an e-mail infection as it is being downloaded. It recognizes an infected file as soon as it's clicked on. For my firewall I'm using the free Sygate. Just upgraded to the latest one. I like it for its simple user interface, also. But WilWilWil has a good set-up, too, with the free anti-virus program AVG--which *does* have a plug-in for TB!--and Kerio as firewall. I used AVG for about six months. Left it for Kaspersky (KAV), because Kaspersky updated more often. Kaspersky's interface I found quite complicated. And it no longer supports The Bat! with a plug-in. Last November I moved to F-Secure. It can be set to check automatically for updates as often as you like. Virus Definitions are usually updated daily, but sometimes more often. The question of choosing an AV and a firewall to go with TB! comes up rather often on tbudl. You might try a search on the Gmane archives for more opinions. -- Best regards, Mary The Bat! 3.0.2.4 Rush on Windows XP 5.1 2600 Service Pack 2 Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html