• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

Norton Anti-Spam Is Worthless

I have seen complaints about NIS Anti-Spam not working with SSL connections that go back to 2010.  How can you ignore your customers for so long?  I have seen your lame excuses on how there is not need for it. All I can say is that the people making the responses are ignorant.  You should not have them representing you.  I am a computer professional, a consultant, and a former VP of Engineering for a large company.  I am blown away by your lack of response or apparent care for long time customers.  The fact that your competitors like McAfee do in fact filter for spam on SSL connections shows that it can be done. Why don't you give an honest answer instead of excuses? All I can say is "WAKE UP!"

Replies

Kudos2 Stats

Re: Norton Anti-Spam Is Worthless

rboaz:

The fact that your competitors like McAfee do in fact filter for spam on SSL connections shows that it can be done. Why don't you give an honest answer instead of excuses? All I can say is "WAKE UP!"

Yes it can be done - by employing a man-in-the-middle setup, which sort of defeats the purpose of SSL and is something that some security companies elect not to do.

Kudos0

Re: Norton Anti-Spam Is Worthless

Of course there is a man-in-the-middle setup.  I am paying for a service to look at the email and toss it in a spam folder if it determined to be spam. You may be alluding to where this man-in-the-middle software resides in the email processing infrastructure.  As long as the anti-spam software is doing the work on my local machine that is fine.  I am thinking the email can be decrypted from SSL, run through anti-spam before it hits my inbox (or filtered immediately when it hits the inbox?). I am assuming you have such software hooks into Outlook.  If you are telling me that the email would have to be decrypted and sent outside of my computer somewhere then a special SSL connection could be used there also for that purpose (although I don't see why that is necessary to sent it externally).

Consider that unencrypted POP3/SMTP connections are going away as far as major ISPs are concerned. I have had to change my email servers twice in the last year or two because they no longer allow unencrypted POP3/SMTP connections. 

I have used and trusted in Norton products since the early 1980s. Without an anti-spam solution I will have to go to McAfee.  Since I help my extended family with their cyber matters, they will all bail on you also. SAD. DISAPPOINTING.

Kudos0

Re: Norton Anti-Spam Is Worthless

Hello rboaz. I currently use the anti-spam add-in enabled within NSBU, with SSL enabled on Outlook 2010 on Windows 10 1803. Below is a screenshot of my Outlook 2010 settings. This configuration indeed works and on multiple machines. Personally, spam filtering should begin at the provider level before it leaves their servers.

SSL is all about "key exchange" at the machine and/or server level, of which MITM can impersonate a valid CA key. Most web based e-mail is of course worthless because of the MITM interactions with the website and the browser being utilized as an exploitation avenue. Most are not TLS based. On the other hand, my Outlook performs many of the functions needed in conjunction with my Norton product to provide me an adequate level of protection. In the latest version of NSBU "exploit prevention" is built in without any user settings to modify.

Providers are always looking for the cheapest way to provide services to its customers. RSA and Diffie-Hellman are two different algorithms. Diffie-Hellman is a one way one trip key exchange which cannot be intercepted. In a perfect world where providers really gave a hoot "Forward Secrecy" would be the rule of the day. Providers aren't going to spend the kind of funds or use the manpower needed to provide and maintain it. Bottom line is of course....the corporate bottom line. Maybe @Sunil_GA can provide a better reflection on the subject. 

All I can say is that the people making the responses are ignorant.  You should not have them representing you. 

Please feel free to contact support, I'm sure they can elaborate on what the official responses are to anti-spam and SSL support.

Cheers

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Home / Professional x 64 version 1903 / build 18362.175 / N360 Deluxe 22.17.2.47 / Norton Core v.282 on Android 2.00
Kudos0

Re: Norton Anti-Spam Is Worthless

SoulAsylum:  Thank you for your response. Your settings are essentially the same as mine.  My Feedback switch was "On" vs. "Ask Me". I don't think you are getting any benefit of Norton antispam at all.  In my previous versions of the product, NIS would put in the title of the message, "[NortonAntiSpam]" and move them to a folder named "Norton AntiSpam Folder". I believe the move is accomplished by Outlook which sees "[NortonAntiSpam]" and moves it.  Now nothing gets identified and nothing gets moved. If you go to "Settings", then the "Filter" tab and select "Protected Ports" you will see that you cannot put your ports into the list. A level 2 person (or higher?) said that they do not support SSL for email at all. Interestingly enough, if I mark an email and say it is spam, it moves it to the "Norton AntiSpam Folder" folder.  Doesn't modify the title though.

What I hear you saying is that it is working but it uses a lousy algorithm. I don't have any evidence that it is working.  Do you? Outlook has a junk filter but this is separate from Anti-Spam based on my past products.

How long have you had NIS?

Kudos0

Re: Norton Anti-Spam Is Worthless

Everyone:

I have run tests and how I have described Norton AntiVirus in my previous post is exactly correct.  SoulAsylum, Norton AntiSpam is doing NOTHING for you.  The Norton Level 2+ guy was correct. I changed the POP3 and STMP ports to those that do not have SSL (against the recommendation of my email server provider and that of any IT professional anywhere) and Norton AntiSpam worked as advertised (as I have described in my previous post). EVERYONE: The bottom line is this, if AntiSpam is important to you, you will have to buy another productNORTON - YOU SHOULD NOT CLAIM YOU HAVE ANTISPAM if it doesn't work in standard configurations.

This thread is closed from further comment. Please visit the forum to start a new thread.