Question re. Mozilla Thunderbird and my AVG anti-virus config.

The Mozilla Thunderbird FAQ says the following.

Is Thunderbird susceptible to e-mail viruses?

Thunderbird will not allow a virus or worm to execute automatically. You can see what attachments have been sent to you without a virus being able to execute, and you would have to save a file to your system and deliberately run it before it could cause any harm.

JavaScript is switched off by default for mail and news, so an e-mail cannot run script code just by being opened.

As with any mail program, take proper caution before running any file that you receive in e-mail. Appropriate anti-virus software should also help keep you safer.

http://texturizer.net/thunderbird/faq.html#q2.1

Can anyone confirm that you cannot run an executable email attachment from Thunderbird like you can from Outlook Express just by double clicking on it? From the Mozilla FAQ above it appears that they are implying that you actually have to save the attachment first before you could run it (e.g. the FAQ says: you would have to save a file to your system and deliberately run it before it could cause any harm ). Presumably that means that if in a fit of absent mindedness I double clicked on an attachment within Thunderbird it would not try to execute like it would from Outlook Express. Once I saved the attachment to disk even if it was virus infected if my AVG definitions were up to date, the AVG antivirus would catch it when I tried to run it (or when I manually checked it by right clicking on it and scanning with AVG). Am I on the right track here?

I have hesitated switching to Thunderbird from OE up till now because I had concerns as to how Thunderbird would integrate with AVG for anti-virus protection. If my understanding of the FAQ response is correct, and I had to save an attachment before I could execute it, then I guess I would not have a real cause for concern.

bird. Unlike OE, scripts or other executables which arrive in an email will not be automatically executed when the mail is opened. Whether you can actually run one by clicking, I don't know. Never tried, and won't. The junk mail filter, once trained, is very effective in diverting that sort of crap into a junk folder.

My understanding was that the free version of AVG could not be configured to scan Thunderbird attachments but I just found out last night that AVG now has an updated free version (ver 7.0) available for download that can be configured to scan SMTP and POP3 email client attachments.

e.g. See this thread at mypcclinic
www.mypcclinic.com/forums/archive/index.php/t-6116

From the AVG site at www.grisoft.com

In our ongoing efforts to provide the best possible protection against computer viruses for individual consumers, we felt it was the appropriate time to overhaul and revise our hugely successful Free Edition of AVG so that consumers could realize some of the benefits and features of the considerable development and improvement that AVG has undergone” commented Peter Lipa, President of Grisoft Inc. “ We have successfully completed the beta trials of the new version of AVG Free, which has been received very positively by the many testers who participated in the program. The new AVG Free Edition is available to all users on November 10th 2004. As to ensure that there will be no loss of protection to our individual AVG Free users, both versions of AVG Free will be available for approximately the next two months so that these users will have plenty of time to download and install the updated version before their current version expires.

<snip>

The new AVG Free Edition has, among others, these exciting features:

* An improved scanning engine that supports the rapid implementation of new detection techniques.
* The new user interface is designed to improve user satisfaction and ease of use.
* Support available through the AVG Free Online Services, which include a User Forum, Virus Encyclopedia, and FAQ section
* Classification of updates according to their importance into three different levels - priority, recommended and optional.
* In addition to supporting individual e-mail clients through program plug-ins (e.g. The Bat, MS Outlook 95/97/2000/XP, etc.), a significant addition for protecting e-mail clients has been added. The Personal E-mail Scanner - AVG EMS, which supports SMTP and POP3 e-mail clients can be set up automatically during installation.

I'll have to download it and try it out.

and I could not get to my ThunderBird mail or my hotmail. So I tried the addy http://www.mypcclinic.com/forums/archive/index.php/t-6116
and still could not get ThunderBird to open. I uninstalled it but will keep trying.

and AVG definitely scans for POP messages now.
My download is slower because of it.
(at least it seems so)

Not sure about the automatic execution thing, though.

I can confirm that you have to turn Javascript on.

Cletus