Results 1 to 3 of 3

Thread: InBound MailSafe Protection and Thunderbird

  1. #1
    zonealarmalexs Guest

    Default InBound MailSafe Protection and Thunderbird


    I've got an issue with ZoneAlarm (latest version) and Thunderbird (I think).

    Often Trojan-Spy.HTML.Fraud.gen gets found here via an "On-Access scan":

    "C:\Documents and Settings\[User Folder]\Local Settings\Temp\newmsg"

    Even if I quit Thunderbird I have no option but to reboot my file everytime someone (or something) sends me what I think is an infected email.

    My thought (probably a bad one) was:

    a) Get Thunderbird to change the temporary file path other than "C:\Documents and Settings\[User Folder]\Local Settings\Temp\newmsg" (although it seems that is impossible with Thunderbird).


    b) Get ZoneAlarm to Exclude that path

    c) Hope that the ZA InBound MailSafe Protection would pick up any viruses rather than the file scanner.

    But then it appears "On-Access scan" picked it up first time rather than the SMTP scan. Why? Doesn't the SMTP scanner just scan port 25 for incoming/outgoing mails? Surely this would get priority first over the file scanner?. Why would the file scanner pick this up first rather than the SMTP scan?

    I understand inbound/outbound mail mailsafe protection is supported with Thunderbird (as it just hooks into SMTP) but Junk Email filter is outlook only? Correct?

    Any advise would be highly appreciated.



    Message Edited by ZoneAlarmAlexS on 03-06-2009 04:38 PM

  2. #2
    zonealarmalexs Guest

    Default Re: InBound MailSafe Protection and Thunderbird

    OK this is worrying me...

    Once again this happened, I get exactly the same warning....

    This this time...

    * I quit thunderbird.
    * I browse to the file path.
    * The file is not there... whatsoever... and yes hidden files are visible by default.
    * ZoneAlarm is still giving me the option to move the file, so I accept the default.... but apparently the non existent file cannot be moved.
    * So then it gives me an option to rename, again apparently the non existant file cannot be renamed...
    * So I'm stuck with deleting a non existant file on reboot.

    So I'm assuming this file arrived here and then Thunderbird had already processed it (and deleted the file)? And ZoneAlarm could did not bother to check that the file was deleted after detection.


    a) Why is Zone Alarm not picking up this virus via the SMTP scanner first?

    b) If that fails then why is ZA not locking the file in case some other process tries to delete it?

    c) Why is ZA not detecting at each step (move/renamed/delete on reboot) that the file may have been deleted.

    Or am I getting this completely wrong here?

    Many thanks

  3. #3
    Join Date
    Jun 2006
    The 3rd Coast - South Central Texas

    Default Re: InBound MailSafe Protection and Thunderbird

    If you have a Valid ZA License Contact ZA Tech Support..

    And give them the Full details:

    1.) of your Computer and whether your Windows is fully Updated with Latest Microsoft paches.

    2.) what Type and Version of ZoneAlarm and Version Number..

    3.) What other Security Software do you have installed that may be Conflicting with ZoneAlarm..

    4.) Please Read Guidelines and Terms of Use Policy of this Forum..

    Click Here:

    Click on ZA Support in my Signature.. Fill out the Login Forum and Select Tech Support..
    ZoneAlarm® Extreme Security

    Click here for ZA Support
    Monday-Saturday 24 Hours Pacific Time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts