Help → Norton Internet Security

Norton Internet Security

Hello:

I read about Norton Antivirus with POPFile, but is not sure about the settings.

But first, are the settings the same for Norton Internet Security (NIS)?

If they are, I would like to check if this is correct:

- Without NIS (but with POPFile SSL):

My email client => 110 or specified port => POPFile => 995 => My mail server

(I am not sure whether to use 110 or some other "specified port"????)

- With NIS and POPFile SSL:

=======My email client => POPFile => NAV/NAS => My email server

POP port---------123------------123-------------110------------110

This makes me entirely confused. I would appreciate an explanation as to what/where I should change ports in this case. Esp.: what happens with port 995 (needed for SSL)?

Thank you/HansL

  • Message #1885

    Which version of Norton Internet Security (NIS) are you using?

    The most recent manual for NIS on Norton's website is the "NIS 2013" one (the site says there is no manual for NIS 2014).

    According to the NIS 2013 manual "Norton Internet Security supports all email accounts that use non-SSL POP3 and SMTP communication protocols." so I think you can use this configuration:

    My email client => 110 => POPFile => 995 => My mail server

    what happens with port 995 (needed for SSL)?

    You don't need to do anything about port 995 because when POPFile is told to use SSL it will use port 995 for the connection to the mail server.

    If your email client currently uses SSL for an account then you only need to make four changes to use POPFile with this account.

    Email client settings without POPFile

    Incoming mail server   pop.example.com
    POP3 port              995
    Username               myusername
    Server requires SSL    yes
    

    Email client settings with POPFile

    Incoming mail server   127.0.0.1
    POP3 port              110
    Username               pop.example.com:myusername:ssl
    Server requires SSL    no
    

    By default POPFile uses port 110 to receive commands from the email client. When POPFile finds ":ssl" at the end of the username supplied by the email client POPFile will use SSL and port 995 to connect to the mail server.

    When POPFile uses SSL the SSL connection is between POPFile and the mail server; the email client must not try to use SSL for the connection to POPFile.

    According to the NIS 2013 manual NIS will scan the email messages passing between POPFile and the email client.

    • Message #1889

      Which version of Norton Internet Security (NIS) are you using?

      The most recent manual for NIS on Norton's website is the "NIS 2013" one (the site says there is no manual for NIS 2014).

      According to the NIS 2013 manual "Norton Internet Security supports all email accounts that use non-SSL POP3 and SMTP communication protocols." so I think you can use this configuration:

      My email client => 110 => POPFile => 995 => My mail server

      what happens with port 995 (needed for SSL)?


      You don't need to do anything about port 995 because when POPFile is told to use SSL it will use port 995 for the connection to the mail server.

      If your email client currently uses SSL for an account then you only need to make four changes to use POPFile with this account.

      Email client settings without POPFile
      {{{
      Incoming mail server pop.example.com
      POP3 port 995
      Username myusername
      Server requires SSL yes
      }}}

      Email client settings with POPFile
      {{{
      Incoming mail server 127.0.0.1
      POP3 port 110
      Username pop.example.com:myusername:ssl
      Server requires SSL no
      }}}

      By default POPFile uses port 110 to receive commands from the email client. When POPFile finds ":ssl" at the end of the username supplied by the email client POPFile will use SSL and port 995 to connect to the mail server.

      When POPFile uses SSL the SSL connection is between POPFile and the mail server; the email client must not try to use SSL for the connection to POPFile.

      According to the NIS 2013 manual NIS will scan the email messages passing between POPFile and the email client.

      Thank you for the clarifications!

      Hans L

    • Message #1891

      Hello Brian:

      Here is what I have:

      Using POPFile with SSL, SPA, and NIS.

      My email client's settings:

      POP3 server: 127.0.0.1

      SMTP server: original host server

      User ID: [original host server]:[original User ID]:ssl

      SSL settings (POP3S and SMTPS] unchecked

      POP3 port: 123 (was SSL port 995; standard: 110)

      SMTP port (SSL): 465 (standard: 25)

      POPFile settings:

      Buckets: good, spam, unclassified

      Configuration – POP3 listen port: 123

      Security – Remote Servers – Remote POP3 server (SPA/AUTH or transparent proxy): host server

      ... – Remote POP3 port(SPA/AUTH or transparent proxy): 110

      So, if I assume correctly, this means:

      My email client – 123 – POPFile – [will use] 995 – NIS – [whatever port OR 110] – Host server

      Is the above correct?


      One more issue

      - Isn’t POPFile used only for incoming emails? If that is correct, should I really uncheck SSL setting SMTPS (outgoing)?

      If it is NOT correct, do I need to change SMTP port from 465 (SSL port) to something else (standard 25?)? And do I need to do something about SMTP server (now original host server)?

      Thanks for your kind response.

      Hans L

      • Message #1892

        I hope I can get a reply to this. I feel I am close to the correct setup, but I am not sure. Maybe a confirmation can help others as well. Thanks!

        Hans L

      • Message #1893

        Using POPFile with SSL, SPA, and NIS.

        Are you sure that you really need SSL and SPA ?

        SPA (Secure Password Authentication) is a proprietary Microsoft protocol used to handle logins to mail servers but it is not widely used. A quick internet search for information about this protocol suggests it only protects the login process, none of the actual email traffic is protected because it is sent as plain text. In other words SPA only protects the login details, not the actual email messages.

        SSL (Secure Sockets Layer) offers better protection because the login process and all of the email traffic is sent over a secure encrypted link to the mail server. In other words SSL protects the login details and the email messages.

        SSL is widely used on the internet, for example online banking sites and online shopping sites which use addresses beginning with https:// (instead of http://) use SSL encryption. Google's Gmail service uses SSL for POP3 and IMAP access.

        Wikipedia has a tiny entry about SPA (two sentences) but has a major entry devoted to SSL.

        Isn’t POPFile used only for incoming emails? If that is correct, should I really uncheck SSL setting SMTPS (outgoing)?

        POPFile only handles incoming email so if the email server requires SSL connections then your email client needs to be configured to use SSL when sending email.

        Some email clients default to using the POP3 username when sending mail and in these cases you need to explicitly define the username to be used when accessing the SMTP server. (You need to do this because the POP3 username has been modified to work with POPFile.)

        • Message #1894

          Okay, Brian, maybe I have misunderstood the SPA issue. I will check, and modify my settings.

          Thanks,

          Hans L

          • Message #1895

            Okay, I have a setup that seems to work.

            Now, once I have reclassified messages in History, can I delete them there?

            Hans L

            • Message #1897

              Now, once I have reclassified messages in History, can I delete them there?

              Once messages have been deleted they cannot be reclassified or have their reclassification undone. By default POPFile will automatically delete messages from the message history after a couple of days. This limit is one of the parameters you can change on the CONFIGURATION page in the User Interface.

              If you prefer, you can manually delete the messages using the buttons on the HISTORY pages in the User Interface.

        • Message #1896

          I forwarded saved spam messages to myself (receiver: [email protected]; sender: [email protected]). Then I reclassified them as spam. When I started forwarding a second batch of messages, they went into the spam folder right away. I seriously suspect that it is based on POPFile reading the sender (me!!!). That is not good, because a lot of spam come with sender = my email address.

          Is there a setting that tells POPFile not to look at sender UNLESS you have specifically added a sender email address (known spammer, for instance)?

          Oooops, I was wrong. I sent a 'regular' message the same way, and it was not sent to spam folder. SORRY!

          Hans L

          • Message #1898

            When I started forwarding a second batch of messages, they went into the spam folder right away.

            POPFile is very quick at learning how to classify mail. The How long will it take until POPFile will reach a decent accuracy? page in the wiki has some real statistics.

            • Message #1899

              Here is my working setup:

              Using POPFile with SSL, SPA, and Norton Internet Security.

              My email client's settings:

              POP3 server: 127.0.0.1

              SMTP server: original host server

              User ID: [original host server]:[original User ID]:ssl

              SSL settings:POP3S unchecked, SMTPS] checked

              POP3 port: 123 (was SSL port 995; standard: 110)

              SMTP port (SSL): 465 (standard: 25)

              STMP Authentication: Original User ID and Password entered

              POPFile settings:

              Buckets: good, spam, unclassified

              Configuration – POP3 listen port: 123

              Security – Remote Servers – Remote POP3 server (SPA/AUTH or transparent proxy): host server

              ... – Remote POP3 port(SPA/AUTH or transparent proxy): 110

              My email client – 123 – POPFile – [will use] 995 – NIS – [whatever port OR 110] – Host server

              Hans L

            • Message #1900

              Yes, POPFile is learning fast. Great.

              I got the program to work on my wife's computer too, and could both receive and send messages. However, when I went to her computer to look after a while, I saw this error message:


              Authentication failed. Please confirm that your user ID and password are correct. -ERR can't connect to

              carp.lunarservers.com:995carp.lunarservers.com:[orig. user ID]:ssl @ 127.0.0.1


              Strangely enough, we got emails to this email address after this error message, so I do not know if it was a fluke or something systematic (but I hope you can give me a clue).

              Even stranger, my wife, who normally gets about 80 spams a day to this email address, has not had a single spam message today (and it has nothing to do with POPFile, since I have not been able to train it yet ... no spams to train it on :-)!!!

              Regards,

              Hans L

              • Message #1901

                carp.lunarservers.com:995carp.lunarservers.com:[orig. user ID]:ssl

                It looks like the email client sent a garbled username to POPFile. I think the POP3 username in the email client should be set to

                carp.lunarservers.com:[orig. user ID]:ssl

                (the ":ssl" at the end tells POPFile to use port 995 so there is no need to add "995" to the username)

                • Message #1902

                  carp.lunarservers.com:995carp.lunarservers.com:[orig. user ID]:ssl


                  It looks like the email client sent a garbled username to POPFile. I think the POP3 username in the email client should be set to

                  carp.lunarservers.com:[orig. user ID]:ssl

                  (the ":ssl" at the end tells POPFile to use port 995 so there is no need to add "995" to the username)

                  Brian, believe me, the POP3 username was and is set to

                  carp.lunarservers.com:[orig. user ID]:ssl

                  Let's assume that the error message was a fluke, unless you can come up with a reasonable explanation.

                  As of the lack of spam, I must assume that just by accident, LunarPages? (the email host) had gotten so many complaints about spam that the bastards finally had to do something about it.

                  Regards,

                  Hans L

                  • Message #1903

                    If your wife's computer has an anti-virus package installed it might be scanning the data sent between the email client and POPFile. The error message suggests POPFile received a garbled username.

                    • Message #1904

                      If your wife's computer has an anti-virus package installed it might be scanning the data sent between the email client and POPFile. The error message suggests POPFile received a garbled username.

                      No more such messages, and I have not gotten any (and I have the same setup as my wife). Fluke, no doubt.

                      Regards,

                      Hans L