[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: (Windows) does e-mail scanning with AVG Free work for all unsecured mails going through Tor?
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: (Windows) does e-mail scanning with AVG Free work for all unsecured mails going through Tor?
- From: gregorwsky@xxxxxxxxxxxxxx
- Date: Wed, 9 Jul 2008 00:00:13 +0200
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Tue, 08 Jul 2008 18:00:19 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender :to:subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references :x-google-sender-auth; bh=txRGgdA7VEr/K2fto7q0DL1O6i2PVt94y12c3xnNFQo=; b=d0J3wb681/MPd1NIgYJm4oqt0MICxPKRwTUdnO1GFz8wROPnViTigTtVCI/SS+vARb T+Dj3Cx8AI5/5Ty4ZYS3meWI+SEdUbrKe+R+K+QOq7NDnjGUAjO6LukYOJYatYneOADR IfSINgHFLJUFmq0yFtnD4GdziRvLdDOc2Srgc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:sender:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references:x-google-sender-auth; b=T90jeeYHj7nDwAPe7Tq7NwcvX5UkYeQoMWRSHBstVEJ7VrpTTp2L5DKNf/XByS+Y9x EOEC2eodqPNJaT2aNyjjndOife7RTVJpXwIjgzPgCFz3SLfkyceiTpigeY4TyfyF8QuH LT91LhFmAsm4z/wmx+zXapu2TroY6TA0czlzk=
- In-reply-to: <20080707025249.GA17616@xxxxxxxxxxxxxxxxxxxxxx>
- References: <a32ed7490807061917t5619eb82sedba4c32f92e5d1d@xxxxxxxxxxxxxx> <20080707025249.GA17616@xxxxxxxxxxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Thanks, that is an interesting thought. I don't know exactly about the
rules in my country, but they may be similar. I only could state that
this virus scanning is just an accident - which is true, because I did
not deliberately install or configure AVG for Tor or vice versa. Both
programs are mostly in default configuration and are not in any way
made to interact, so I would not have to expect that behaviour. And
more, this "filtering" affects only a very, very small fraction of all
the traffic. AVG is not even able to automatically scan POP and SMTP
connections that are TLS/SSL secured, only those carelessly unsecured.
The two other choices now are: Switch off AVG's automatic e-mail
scanning... I think I can remember that once or twice in the last
couple of years AVG did catch a virus that was mailed to me and
slipped the provider's spam filter. Or switch off e-mail ports in my
or's exit policies.
But about that article... the topic is: "The Other E-Mail Threat: File
Corruption in Outlook Express"
Do you really think I am using Outlook Express? No, please! I cannot
deny that I'm using Windows, but that's bad enough. ;)
Yours, Gregor
On Mon, Jul 7, 2008 at 4:52 AM, krishna e bera <keb@xxxxxxxxxxxxxx> wrote:
> AVG (and other antivirus software) inserts a proxy that catches the email traffic you mention.
>
> The risk with any examining or altering of traffic is that you may be
> giving up your legal and moral claim to status as a common carrier or safe harbour
> which is perhaps the only thing protecting you from DMCA and other prosecution in the USA.
>
> Microsoft and friends recommend against email scanning
> http://www.microsoft.com/windows/ie/community/columns/filecorruption.mspx
> at least for your own email as it may confuse your email software and cause corruption
> and you are protected anyway due to the antivirus software's file access scanning.
>
> Thirdly the default exit policy does not allow exit to port 25
> because it can be used by spammers and worms and
> your ISP may cut off your access as it will think you are the source.
>