New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!

· Ian T's (AR 24)
· Marcia's (CO8)
· Bill G's (CO12)
· Paul's (AR 5)
· Robin's (AR 2)

· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?

$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 1155
Comments: 21
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin 

Wishlist Item - Option to Strip Phony HTML Tags
Goto page Previous  1, 2
 
Post new topic   Reply to topic       Computer Cops Forum Index -> Benign - Suggestions
View previous topic :: View next topic  
Author Message
Wayward

Lieutenant
Lieutenant
Premium Member
Premium Member


Joined: Mar 16, 2003
Posts: 299
Location: USA

PostPosted: Wed May 26, 2004 12:11 am    Post subject:
Reply with quote

Eisenson wrote:
OK...
So I understand that B9 will compress emails into text, removing spurious (anti-antispam) html?

Arrow Pretty much.

Eisenson wrote:
I'm buying B9 immediately to go with my 90% satisfactory MWP! This pair just might get the job done.

Arrow I think you'll be pleased. I have been very happy with the MWP and Benign combination.

_________________
Wayward
Back to top
View users profile Send private message
Ikeb

General
General
Premium Member
Premium Member


Joined: Apr 20, 2003
Posts: 3553
Location: Canada

PostPosted: Wed May 26, 2004 1:03 am    Post subject:
Reply with quote

Eisenson wrote:
So I understand that B9 will compress emails into text, removing spurious (anti-antispam) html?

Not so much anything to do with SPAM -- MWP should take care of that. More to do with spyware type stuff hidden in images, HTML tags,and potentially malicious file attachments. HTML-encoded msgs don't get converted to plain text unless that's what you want. I just have B9 filter non-standard tags, remove scripting, block CSS stylesheets, etc.

_________________
I like SPAM ... on my sandwich!
Back to top
View users profile Send private message Send email
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Thu May 27, 2004 7:56 am    Post subject: Wishlist Item
Reply with quote

Greetings,

I find MWP excellent.

Having read the blurb about using B9 with it, I downloaded/installed B9 and can't get it to work the way I'd expect or wish.

Ideally, the order of play should be as follows:

1) Mailwasher -
Checks the servers for mail and sorts the grain from the chaff.
Process Mail deletes the chaff and kicks off...
2) Benign -
This then does its thing on the grain and then passes it to Mail Client...
3) Antivirus software
Naturally this scans it before it reaches your Mail Client's Inbox.

That's how I'd expect them to work.

Instead, Benign seems to want to go first, then MWP.

This seems pointless.

Say you've got 1000 mails to download, B9 goes through the lot and makes them "safe" - then MW says "...Actually, they're ALL spam!! Delete everything!".

Is there any intention to force MW/B9 to detect each other if both are installed so that they can operate in the above suggested order?

Better still would be to have:

1) MW detects the existence of installed B9 (or equivalent) ...
2) B9 detects the existence of installed MW (or server-side anti-spam equivalent) ...

...and daisy chains as suggested?

B9 insisted that Outlook was running preventing it binding to 110 - actually it wasn't in the normal sense (application open), I had to kill the process in Task Manager.

If MW and B9 were aware of each other, there shouldn't be any problems - MW and B9 would just link up in that order without having to find a different port for the relevant applications.

Just a thought...

For now I'm uninstalling B9 - MWP works happily with my NAV 2001 and Outlook 2000 (along with my firewall and other security apps) without any messing about!

Kindest regards,

Dragan Glas
Back to top
View users profile Send private message
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Thu May 27, 2004 9:01 am    Post subject: Wishlist Item
Reply with quote

Greetings,

I find MWP excellent.

Having read the blurb about using B9 with it, I downloaded/installed B9 and can't get it to work the way I'd expect or wish.

Ideally, the order of play should be as follows:

1) Mailwasher -
Checks the servers for mail and sorts the grain from the chaff.
Process Mail deletes the chaff and kicks off...
2) Benign -
This then does its thing on the grain and then passes it to Mail Client...
3) Antivirus software
Naturally this scans it before it reaches your Mail Client's Inbox.

That's how I'd expect them to work.

Instead, Benign seems to want to go first, then MWP.

This seems pointless.

Say you've got 1000 mails to download, B9 goes through the lot and makes them "safe" - then MW says "...Actually, they're ALL spam!! Delete everything!".

Is there any intention to force MW/B9 to detect each other if both are installed so that they can operate in the above suggested order?

Better still would be to have:

1) MW detects the existence of installed B9 (or equivalent) ...
2) B9 detects the existence of installed MW (or server-side anti-spam equivalent) ...

...and daisy chains as suggested?

B9 insisted that Outlook was running preventing it binding to 110 - actually it wasn't in the normal sense (application open), I had to kill the process in Task Manager.

If MW and B9 were aware of each other, there shouldn't be any problems - MW and B9 would just link up in that order without having to find a different port for the relevant applications.

Just a thought...

For now I'm uninstalling B9 - MWP works happily with my NAV 2001 and Outlook 2000 (along with my firewall and other security apps) without any messing about!

Kindest regards,

Dragan Glas
Back to top
View users profile Send private message
Ikeb

General
General
Premium Member
Premium Member


Joined: Apr 20, 2003
Posts: 3553
Location: Canada

PostPosted: Thu May 27, 2004 9:40 am    Post subject: Re: Wishlist Item
Reply with quote

DraganGlas wrote:
Having read the blurb about using B9 with it, I downloaded/installed B9 and can't get it to work the way I'd expect or wish.

Ideally, the order of play should be as follows:

1) Mailwasher -
Checks the servers for mail and sorts the grain from the chaff.
Process Mail deletes the chaff and kicks off...
2) Benign -
This then does its thing on the grain and then passes it to Mail Client...
3) Antivirus software
Naturally this scans it before it reaches your Mail Client's Inbox.

That's how I'd expect them to work.

Indeed that's how it should work.

DraganGlas wrote:
Instead, Benign seems to want to go first, then MWP.

This seems pointless.

That would be ineffective. How have you set up B9? Your mail client should have it's account config changed to your.POP3.server.B9. Leave MWP pointing to your.POP3.server.

DraganGlas wrote:
Is there any intention to force MW/B9 to detect each other if both are installed so that they can operate in the above suggested order?

As I said, the way you suggested it work, is in fact how it is intended to work. That said, this doesn't happen automatically. The user has to config the email client to point to the server via B9.

DraganGlas wrote:
Better still would be to have:

1) MW detects the existence of installed B9 (or equivalent) ...
2) B9 detects the existence of installed MW (or server-side anti-spam equivalent) ...

...and daisy chains as suggested?

B9 insisted that Outlook was running preventing it binding to 110 - actually it wasn't in the normal sense (application open), I had to kill the process in Task Manager.

If MW and B9 were aware of each other, there shouldn't be any problems - MW and B9 would just link up in that order without having to find a different port for the relevant applications.

Just a thought...

Better yet would be to include a MWP proxy mode which embeds the B9 proxy. This could be called "MailWasher Deluxe" and be sold at a premium.

_________________
I like SPAM ... on my sandwich!
Back to top
View users profile Send private message Send email
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Thu May 27, 2004 10:22 am    Post subject:
Reply with quote

Greetings,

Well, once I'd killed Outlook's process in Task Manager, I got past the 110 error and ran into the HOSTS error.

At that point, it being after midnight and I had to get up at 5am...I decided to go to bed and leave it until tonight to uninstall or fix it.

Kindest regards,

Dragan Glas
Back to top
View users profile Send private message
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Mon May 31, 2004 3:53 pm    Post subject: Benign Suggestions
Reply with quote

Greetings,

I've changed the settings of the relevant applications as follows:

Mailwasher Pro
POP3 - pop3.norton.antivirus (All accounts.)
Port - 110 (All accounts.)

Benign
POP3 - pop3.norton.antivirus
Port - 1110 (Chosen at random to stop "Can't bind to port 110" message.)

Microsoft Outlook
POP3 - pop3.norton.antivirus.b9 (All accounts.)
Port - 1110 (All accounts.)

MWP can access the mail on the servers using "Check Mail" without any problem - clicking "Process Mail" kicks off Outlook - "Send/Receive" causes an 0x800ccc15 error in Outlook.

This is with B9 running.

The B9 Summary logs show that no mail has been processed.

So where am I going wrong?

Confused How do I ensure that mail is processed in MWP > B9 order, instead of B9 > MWP?

All suggestions welcome!

Kindest regards,

James
Back to top
View users profile Send private message
Ikeb

General
General
Premium Member
Premium Member


Joined: Apr 20, 2003
Posts: 3553
Location: Canada

PostPosted: Mon May 31, 2004 5:59 pm    Post subject: Re: Benign Suggestions
Reply with quote

DraganGlas wrote:
I've changed the settings of the relevant applications as follows:

Mailwasher Pro
POP3 - pop3.norton.antivirus (All accounts.)
Port - 110 (All accounts.)

Looks good ... assuming that the AV proxy has been properly configured of course.

DraganGlas wrote:
Benign
POP3 - pop3.norton.antivirclient us
Port - 1110 (Chosen at random to stop "Can't bind to port 110" message.)

Since pop3.norton.antivirus is a destination on the same computer, there must be a loopback address defined in the host file - likely 127.0.0.1. However I dunno why port 110 can't bind since the same address and port should already be defined for the server > MWP msg path.

DraganGlas wrote:
Microsoft Outlook
POP3 - pop3.norton.antivirus.b9 (All accounts.)
Port - 1110 (All accounts.)

What changes were made to your host file?

DraganGlas wrote:
MWP can access the mail on the servers using "Check Mail" without any problem - clicking "Process Mail" kicks off Outlook - "Send/Receive" causes an 0x800ccc15 error in Outlook.

This is with B9 running.

The B9 Summary logs show that no mail has been processed.

So where am I going wrong?

Confused How do I ensure that mail is processed in MWP > B9 order, instead of B9 > MWP?

Seems like you have a slight misunderstanding as to msg flow James. Msgs do not transit MWP on their way to the client. Since MWP is a client (albeit a special SPAM "prescreening" client), the msgs stop there. Msgs would flow as follows:

Server > Norton AV > MWP.

B9 has nothing to do with this msg flow unless you config MWP to have msgs proxied via B9, not something you should do, nor have you set it up that way. Based on what you said, this msg path is now working correctly.

The other msg flow path is apparently as follows:

Server > Norton AV > B9 > email client.

Actually, perhaps a better way of illustrating the flow is as follows:

Client > B9 > Norton AV > server > Norton AV > B9 > client.

In other words, your client requesting a download, would do so via B9 which proxies the request to the AV which passes the msg on to the server. The server responds the AV which checks the msg for viruses (again) and passes the (presumably clean) msg on to B9 which filters the msg of any spyware stuff and passes it to the client.

The AV proxy is complicating matters. I don't have any AV proxy in my data path but AIIRC, folks using the AV proxy don't bother with checking the msg again. After all, any msg would presumably already have been checked for viruses when MWP requested to look at each msg. So you should feel free to bypass Norton for the actual Legit msg download to the client. Any virus-laden msg would have been deleted.

If you insist in rechecking any msg destined for download to the client, perhaps change the setup such that the msg flow is as follows:

Client > Norton AV > B9 > server > B9 > Norton AV > client.

Someone actually using Norton and B9 might better advise you whether the proxy order matters.

BTW, check your host file settings as well to ensure that a loopback address has been defined for pop3.norton.antivirus.b9

_________________
I like SPAM ... on my sandwich!
Back to top
View users profile Send private message Send email
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Tue Jun 01, 2004 3:38 pm    Post subject:
Reply with quote

Greetings,

Ikeb, thanks for the clarification!

I checked my Hosts file - here it is minus the explanatory comments at the start:

204.146.140.200 clearinghouse.clrhouse.com
204.146.140.202 contenthost.clrhouse.com
204.146.140.204 musicstore.mscstore.com
127.0.0.1 pop3.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning
127.0.0.1 pop3.spa.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning

# Begin B9
127.98.9.1 pop3.norton.antivirus.b9
127.98.9.2 pop3.norton.antivirus.b9.b9
# End B9

The B9 section is what has been added to the original Hosts file.

Does this make sense? I don't understand the double "b9.b9" part.

Kindest regards,

James
Back to top
View users profile Send private message
Ikeb

General
General
Premium Member
Premium Member


Joined: Apr 20, 2003
Posts: 3553
Location: Canada

PostPosted: Tue Jun 01, 2004 6:01 pm    Post subject:
Reply with quote

1: Do the first three host file entires you posted make sense to you? They are not public addresses, are they perhaps part of your ISP's IP space?

2: Since the same loopback address (127.0.0.1) is used for the two AV e-Mail scanning paths, pop3.norton.antivirus must use a different port # than pop3.spa.norton.antivirus.

3: I have no idea why B9 added the double 'b9.b9' domain name. Are both of the pop3.norton.antivirus.b9 and pop3.norton.antivirus.b9.b9 addresses used as part of your client account configurations? I suppose each would work but I agree the naming convention B9 chose is confusing. A few folks have reported similar double 'b9.b9' names. What are the corresponding B9 Options > Accounts settings?

_________________
I like SPAM ... on my sandwich!
Back to top
View users profile Send private message Send email
DraganGlas

Cadet
Cadet



Joined: May 27, 2004
Posts: 6
Location: UK

PostPosted: Tue Jun 01, 2004 6:44 pm    Post subject:
Reply with quote

Greetings,

The account setting is:

Server: pop3.norton.antivirus.b9
Port: 1110
Security: Medium

There are no entries in the Domain and Address Overrides tab.

Kindest regards,

James
Back to top
View users profile Send private message
Ikeb

General
General
Premium Member
Premium Member


Joined: Apr 20, 2003
Posts: 3553
Location: Canada

PostPosted: Tue Jun 01, 2004 7:10 pm    Post subject:
Reply with quote

Is that the account setting in B9? IMO, there's no need to transit the AV msg scanner esp. if you are doing that via the MWP check. If you posted the B9 account settings, the server can be your pop3 server address and the port # would then be 110. Be sure that the host file lists a matching entry for your POP3 server address but with the .B9 extension.
_________________
I like SPAM ... on my sandwich!
Back to top
View users profile Send private message Send email
Display posts from previous:   
Post new topic   Reply to topic       Computer Cops Forum Index -> Benign - Suggestions All times are GMT - 5 Hours
Goto page Previous  1, 2
Page 2 of 2

 
 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB 2.0.8a © 2001 phpBB Group

Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops