
Any way to tell it not to scan the mail files?
(The Inbox lost its contents because Symantec quarantined the whole file.)

It may be a bit problematic as Thunderbird doesn't seem to use extensions for the main files. Alternatively, turn off the on-access scanner for now. Restore the inbox from quarantine. You may have to reindex.

Delete the suspected message by hand and compact the Inbox.

Symantec's AV products have always had difficulties scanning ZIP files. That may be what the other error messages are about.
^^^^ GREAT ADVICE! ^^^^

Probably.
Yeah, like so many other programs, Thunderbird keeps mailboxes as a single file. One of the things I really liked about PMMail was that it kept each message separate. It made it much easier to fix when something went wrong.

I found the Quarantined Inbox mailbox (265kB). I really shouldn't let it get that big....

I tried the standard instructions about booting in SafeMode, running SBS&D and SAV, etc., but nothing fixed the Trojan problem. On rebooting I turned off "File System AutoProtect" and got the Inbox file out of Quarantine. I started up Thunderbird and deleted what I think are the problematic files, and compacted the mailboxes.

FSAP is back on, but I haven't run a new scan just yet. I'll start that in a few minutes.

I think there's a setting in Thunderbird about incoming AV scanning - I'll check after I do another scan. I'll probably keep incoming scanning on, and just be careful about keeping the size down. Although I get very little mail, I don't want to risk infecting other machines.

Thanks!

Cheers,
Scott.
So why aren't you using PMMail then?
It's available for Windows. I use it every day - mostly on OS/2, but also on Windows, and I have several clients who have used it on Windows since the days when eMail infections became rampant.

The thing I like best about PMMail is the ease and clarity with which you can maintain completely separate email accounts. I run one instance of PMMail for support and it has accounts for 17 client mailboxes. I run another instance for my own 13 mailboxes (at several hosting services).

I needed Kerberos authentication.
I made the transition from PMMail to Eudora and then to Thunderbird for work. IIRC, PMMail wouldn't work with Kerberos. A few years after I moved from PMMail to Eudora, Eudora stopped being updated, so I went to Thunderbird. It also seems to be in danger of being orphaned, but it's working well at home and work so far.

If I started using IMAP it probably wouldn't be an issue, but I'm still mostly on POP and I haven't felt the need to investigate it more.

Evolution may be great, but since I've never used an integrated calendar/mail product like Outlook I haven't felt the need to try it out.

Cheers,
Scott.
Got it fixed.
After turning off FSAP and moving the Inbox out of Quarantine, I was able to delete the 5 problematic e-mail files and compact the mailboxes.

I then did a full scan of C: and SAV found 2 infected files. I was able to delete them, turn FSAP back on, and everything seems Ok now.

Thanks all.

Cheers,
Scott.
One more thing - a Thunderbird setting tweak.
There's a setting in Thunderbird that lets SAV (or other AV) grab only the infected message rather than the whole Inbox file.

Tools->Options->Security->Anti-Virus tab:

Check "Allow antivirus clients to quarantine individual incoming messages".

I'm still getting trojan attempts, and SAV still takes forever when it finds one, but at least it's not grabbing the whole Inbox now.

Cheers,
Scott.
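
An added example, not part of the thread and not code from Thunderbird or Symantec: because the Inbox is a single mbox file, one flagged message takes the whole file into quarantine. This sketch splits a copy of the restored Inbox into one .eml file per message so a scanner can act on a single message, then drops whichever messages the scanner removed. The function names and the sample mailbox are constructed for illustration, and it assumes Thunderbird is closed and the path points at a copy of the mailbox.

```python
import mailbox
from pathlib import Path

# Constructed sample mbox (three harmless messages); not data from the thread.
SAMPLE_MBOX = (
    "From - Mon Jan  1 00:00:00 2007\nSubject: hello\n\nfirst body\n\n"
    "From - Mon Jan  1 00:01:00 2007\nSubject: flagged sample\n\n"
    "stand-in for the message the scanner objects to\n\n"
    "From - Mon Jan  1 00:02:00 2007\nSubject: lunch\n\nthird body\n\n"
)


def split_mbox(mbox_path, out_dir):
    """Write each message of a single-file mailbox to its own .eml file.

    Returns {message key: path of the .eml file}.
    """
    out = Path(out_dir)
    out.mkdir(parents=True, exist_ok=True)
    box = mailbox.mbox(str(mbox_path), create=False)
    try:
        written = {}
        for key in box.keys():
            path = out / f"msg-{key:05d}.eml"
            path.write_bytes(box.get_bytes(key))
            written[key] = path
        return written
    finally:
        box.close()


def keys_removed_by_scanner(written):
    """Keys whose .eml file is gone, i.e. the scanner quarantined or deleted it."""
    return sorted(k for k, p in written.items() if not p.exists())


def drop_messages(mbox_path, keys):
    """Delete the given messages and rewrite the file; returns remaining subjects."""
    box = mailbox.mbox(str(mbox_path), create=False)
    try:
        for key in keys:
            box.discard(key)
        box.flush()  # rewrites the mbox without the discarded messages
        return [msg.get("Subject", "") for msg in box]
    finally:
        box.close()
```

Run `split_mbox` with on-access scanning enabled for the output directory, give the scanner time to react, then pass the result of `keys_removed_by_scanner` to `drop_messages`.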
     Well that's annoying. Lost my Inbox... - (Another Scott) - (26)
         Symantic? - (Andrew Grygus) - (2)
             Yeah... - (Another Scott) - (1)
                 Part of my toolkit is . . . - (Andrew Grygus)
         Dude.... - (folkert) - (1)
             I'm trying. - (Another Scott)
         Any way to tell it not to scan the mail files? - (scoenye) - (6)
             ^^^^ GREAT ADVICE! ^^^^ -NT - (folkert)
             Probably. - (Another Scott) - (4)
                 So why aren't you using PMMail then? - (Andrew Grygus) - (1)
                     I needed Kerberos authentication. - (Another Scott)
                 Got it fixed. - (Another Scott) - (1)
                     One more thing - a Thunderbird setting tweak. - (Another Scott)
         Get rid of Symantec - (pwhysall) - (13)
             I'd love to, but how are they better? - (Another Scott) - (12)
                 Re: I'd love to, but how are they better? - (pwhysall) - (11)
                     :-) Thanks. Gotta find something for Win2k though... :-( - (Another Scott) - (10)
                         Re: :-) Thanks. Gotta find something for Win2k though... - (Andrew Grygus) - (3)
                             Thanks. I'll try it again. -NT - (Another Scott)
                             Take a look at Avast as well - (scoenye) - (1)
                                 Thanks for the info. I appreciate it. -NT - (Another Scott)
                         Time to wave farewell to W2K, I think. -NT - (pwhysall) - (5)
                             If it ain't broke... - (Another Scott)
                             Where would you suggest next? - (static) - (2)
                                 Based on recent experience, I'd say Linux Mint. - (pwhysall) - (1)
                                     From what I've seen at Helios... - (folkert)
                             Here it's the only Windows machine always running. - (Andrew Grygus)
