Search  Rules  Login
TheBat English » The Bat! - Configuring the E-mail Client
Pages: 1
RSS
Why is Thebat still not working with antiviruses
 
#1
0  
dear community,

for me it is really sag to see that there is still no solution to use antiviruses with thebat.

other e-mailprograms just use the .exe file of the virusscanner to scan emails while the bat still needs a plugin for every program, and those plugins available are very out of date and for past versions like kaspersky 4.

sure virusscanners can find viruses in .tbb containers but there is no way for them do delete the single mail, they are always concerned about the whole .tbb file.

i please the programmers of the bat to finally integrate a virus search function using the .exe search engine of antiviruses. i´m having an eye on this mess for two years now and there never was anything good as it can be seen by the numerous posts everywhere.

puh, feeling better now ;-)

best regards

moongate
 
 
 
#2
0  
Quote
other e-mailprograms just use the .exe file of the virusscanner to scan emails while the bat still needs a plugin for every program, and those plugins available are very out of date and for past versions like kaspersky 4.

Actually, virusscanners that work for other mail clients, should work for TB, since they act as a pop3 proxy that scans for viruses, so you only need to follow the instructions for your virus scanner.
The problem arises when the scanner doesn't check the pop3 connection, but scans the %temp% directory, that may cause problems for TB.
However programs that act like that won't work properly for other mail clients.

Quote
sure virusscanners can find viruses in .tbb containers but there is no way for them do delete the single mail, they are always concerned about the whole .tbb file.

This is indeed where plug-ins have advantages above independant virus scanners. You do realize (I hope) that the problem that the whole container is seen as infected is not TB specific, the same thing happens when you've got a virus in your message base when you're using Outlook Express. That's what happened to a collegue of mine, he couldn't start OE because of a deleted virus message in his (not emptied trash folder) and he had his virusscanner updated after receiving the virus.
That's a problem you could encounter with TB too, with the difference that TB won't try to execute the virus and lots of OE incarnations did.

So there's no real need to use plug-ins. However, when you can't find an uptodate plug-in, don't blame Ritlabs, they don't make the plug-ins, that's the doing of the authors of the anti virus publishers. A good example of how it can be done is Grisoft, they include a proper plug-in for TB in all their scanner packages, both free and paid versions. Plug-in is installed when the setup finds a TB configuration.
__________________________________
I'm just a user of The Bat! I don't work for Ritlabs.
 
 
 
#3
0  
dear Roelof Otten,

i don´t blame ritlabs for not making plugins, i blame ritlabs for using this technique instead of allowing the scanengine.exe to handle the job.

also i always read about the pop3 checker but since i also use imap accounts viruses are stored in the databases anyway as they also would if the virus is so new that he can only be found when the next update of the antivirus was done. in this case the virus is in your .tbb file and ritlabs don´t offer the tools to get rid of the viruses.

sure you can say the antivirus companies should write plugins for the emailclients and they do. but of course not for an emailsclient like thebat which is only used by us experts and not the vast number of users. for outlook you will see every antivirus linking into the program after instalation.

ritlabs should really think over if this plugin thing is the right way to go.

as everybody could see in the last years and also from my point of view it is definitly the wrong way.

you must know i love thebat and this lacking point really bothers me because i always had trouble with it.

best regards

moongate  
 
 
 
#4
0  
I'm a bit pop3 centered in my use of e-mail, so I've neglected to think about the IMAP part, especially since I constantly hear about TB lacking all kinds of IMAP features.

But anyway how do other IMAP clients scan their mail for viruses? The only time I was testing IMAP, I was using server side scanning (easy as it was my own server), still do that for pop3 BTW.

__________________________________
I'm just a user of The Bat! I don't work for Ritlabs.
 
 
 
#5
0  
TB's IMAP features still need quite a bit of work indeed. However, it is not the only reason why some external virus scan engine is not only desirable, but necessary.

First, many enterprise AVs do not include a POP3/SMTP proxy component because the mail flow is protected differently. In fact, they do notuse this because POP3 proxy is a fragile system that fails to work with enterprise-grade mail systems (Notes, Exchance, etc.)  and it's also a configuration nightmare on the network.

Second, AV proxies do not work over SSL connections. Indeed, the goal of such connection is to prevent anyone from eavedropping on the content of your mail while it's trasported and the AV proxy is still on the transport layer: it shouldn't know your login info and shouldn't act "on your behalf" (otherwise, you go a security issue).

As for how does other product go around this is most simple: they extract the content of every new message to a temporary folder crested on the spot (perhapse with execute right explicitely denied) and run a command-line provided by the user. Then, it either check for the process's exit code or simply see if any file it expanded has been deleted.
 
 
 
#6
0  
There are plugins for NOD32 and AVG available.

AVG plugin is included into the installation of the anti-virus.

The NOD32 plugin works only with the very latest version of NOD32, and you can download it from our website: http://www.ritlabs.com/download/the_bat/bav/Nod32.BAV

Kaspersky has recently started developing a new plugin for The Bat! for the new version their anti-virus (for the new release after 5.0), but this plugin and this version of the anti-virus is not yet well tested.

The specification on the antivirus API is downloadable from http://www.ritlabs.com/download/the_bat/bav/bav-api.rar  
 
 
 
#7
0  
There are also the following plugins available, included into the antivirus instllation: Avast! and Antivirus Stop.
 
 
 
#8
0  
Broken links. Can anybody repost/repair links please?
 
 
 
Pages: 1