[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: (Windows) does e-mail scanning with AVG Free work for all unsecured mails going through Tor?

Thanks, that is an interesting thought. I don't know exactly about the
rules in my country, but they may be similar. I only could state that
this virus scanning is just an accident - which is true, because I did
not deliberately install or configure AVG for Tor or vice versa. Both
programs are mostly in default configuration and are not in any way
made to interact, so I would not have to expect that behaviour. And
more, this "filtering" affects only a very, very small fraction of all
the traffic. AVG is not even able to automatically scan POP and SMTP
connections that are TLS/SSL secured, only those carelessly unsecured.

The two other choices now are: Switch off AVG's automatic e-mail
scanning... I think I can remember that once or twice in the last
couple of years AVG did catch a virus that was mailed to me and
slipped the provider's spam filter. Or switch off e-mail ports in my
or's exit policies.

But about that article... the topic is: "The Other E-Mail Threat: File
Corruption in Outlook Express"
Do you really think I am using Outlook Express? No, please! I cannot
deny that I'm using Windows, but that's bad enough. ;)

Yours, Gregor

On Mon, Jul 7, 2008 at 4:52 AM, krishna e bera <keb@xxxxxxxxxxxxxx> wrote:
> AVG (and other antivirus software) inserts a proxy that catches the email traffic you mention.
> The risk with any examining or altering of traffic is that you may be
> giving up your legal and moral claim to status as a common carrier or safe harbour
> which is perhaps the only thing protecting you from DMCA and other prosecution in the USA.
> Microsoft and friends recommend against email scanning
> http://www.microsoft.com/windows/ie/community/columns/filecorruption.mspx
> at least for your own email as it may confuse your email software and cause corruption
> and you are protected anyway due to the antivirus software's file access scanning.
> Thirdly the default exit policy does not allow exit to port 25
> because it can be used by spammers and worms and
> your ISP may cut off your access as it will think you are the source.