These GUI/informaion bugs are additional to those reported for 2.6.
Blocked message action drop down list in authentication database screen actually applies to account selected on quarantine database screen. This is very confusing.
The ‘Pending’ status in the QDb is not explained anywhere.
(Self evidently) New features since 2.6 are not yet documented
GUI does not give any indication that, when entering email account settings manually, the POP3 password is still automatically capture by the client. This confuses people as they cannot find anywhere to put the password.
What the problems is: a) Some possibly all mail services that absolutely require SMTP authentication do not work with CAS (eg GMX.com). b) There appear also to be problems on occasions with POP3 authentication too. These appear to be related to password import (from clients from which CAS can import accounts eg Thunderbird ) or real time capture (in the case of client that require CAS to be manually set up, and from which the password is subsequently captured).
The problems occur with normal username and password authentication - I have not tried SPA. Note that many Internet Service Provider mails services (Eg www.zen.co.uk) say they require authentication but its seems they do not - they only prefer it. This may lead you to bellieve that CAS is handling authentication correctly when in fact it is not.
Whether you can reliably reproduce the problem and if so exactly how:
a) Try to set up CAS for GMX.com which requires POP3 and SMTP authentication. (I tried Outlook Express and Outlook and Thunderbird), If you import the settings from Outlook, and ask CAS to ‘use POP3 authentication settings’ a POP3 user name, SMTP User name and SMTP password is displayed in CAS accounts settings, but evidently not supplied at the right time as you get the appended errors. Wierdly the password is only displayed after unticking and ticking the ‘use POP3 authentication settings’ tick box. If you try to set up the settings manually you find there is no space for the POP3 password (presumably it is normally captured from the client in real time), though there is a place for the SMTP password. If you enter the password when prompted by an error message CAS does not use it or remember it. If you enter an SMTP user name and SMTP password manually (choosing not to use POP3 auhentication settings) it appears to save them but does not display them next time you load CAS. However you try to enter these details, log on fails.
b) The same problems are also experienced when using www.hotmail.com, which requires SMTP and POP3 authentication and SSL - except the errors generated are SSL errors, but since the SSL settings are absolutely correct, these probably have their source in the authentication setttings. The SSL errors were . “Data receiving error while connecting to SSL server” “Data sending error while connecting to SSL servier” “Secure Pop3 connection to pop3.live.com on port 995 failed” These errors, after one repetition, cause a Windows lock up, requiring a re-boot (This too is replicable - happened to me 3 times). NB pop3/SMTP.live.com are now the correct email server domains for hotmail.
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
Email client & version: In this case Outlook 2003, Outlook Express and Thunderbird
How you tried to solve it, and what the result was: I have tried all possible manual authentication settings using the CAS interface. And three different email clients. And in desperation tried editing the registry keys - the settings in some cases were obviously incomplete - eg missing the POP3 or SMTP password. Have a look at the relationship betweeen these keys and what you set in the GUI and you will see what I mean! NB import of account settings into keys seems particularly flawed for Thunderbird - only part of the user name is imported and the POP3 password is not. Even with an apparently consistent and complete set of registry keys log on to these (gmx and live/hotmail) services is not possible, suggesting processing as well as data problems. (I am experienced at editing registry keys, but of course can only infer the correct settings)
Please append memory dumps or screen shots if possible.
What the problems is: Importing accounts from my copy of Thunderbird CAS imports only part of the POP3 account name and email account name if the account name includes a domain. So if the email account name is fred[at]boggs.co.uk it imports only “fred”. It also appears to garble the user name, and does not import the POP3 password. Finally when SMTP authentication is set it does not set the SMTP user name, or SMTP password - these are not visible either in the GUI or in the registry.
Whether you can reliably reproduce the problem and if so exactly how: Yes, just import the email account, happens every time.
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, CSE, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
Email client & version: Thunderbird, v 3.0 (in this case)
How you tried to solve it, and what the result was: If you update the account manually some of the problems can be corrected, but others like the lack of a POP3 password cannot.
Please append memory dumps or screen shots if possible. Registry screen shots contain email domain information which is too complex to obscure, so available by email on request (please pm me).
What the problems is: If you block a domain and set CAS to delete block emails you expect emails from new addresses within the domain to be blocked and deleted but they are not. The same applies if you allow a domain. Instead only addresses that have already been encountered are blocked/deleted or allowed. For example say you receive an emails from fred[at]bloggs.co.uk, and mike[at]bloggs.co.uk, and jane [at]bloggs.co.uk. You then decide to block the domain bloggs.co.uk, and set a rule that blocked emails should be deleted. This has the effect of blocking mike, fred and jane, and deleting emails from them; but if mary[at]bloggs.co.uk sends you an email she is treated as if she is an unknown sender and sent a challenge email.
Whether you can reliably reproduce the problem and if so exactly how: Set a rule to block a domain and delete blocked emails (advfn.co.uk is a good domain to register with, as it constantly send out emails with different addresses). Or set a rule to allow a domain. Wait until you get an email from a new addresss within the domain.
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, CSE, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
In part this is additional information to this version 2.6 bug here.
What the problems is:
a) On occasions, particularly if I have not logged on to email for a week, and processor usage is high when I do log-on, all emails stored on the email server, including those already downloaded by CAS, are downloaded into my email client. This includes copies of those in the CAS Qdb. What appears to be happening in this case is that Outlook omits to go via CAS to download its emails, possibly because the high processor load does not allow CAS to leap in fast enough. Outlook (or the server) does not know it has already downloaded the messages because it previously doanloaded them via CAS
b) On rare occasions, mainly on resume from standby, if I press send receive when the ‘LAN connection established’ bubble is visible, just the items in the QDb are downloaded into the email client. (Though copies remain in the Qdb).
Whether you can reliably reproduce the problem and if so exactly how: No easy to replicate, but happens enough to be irritating.
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, CSE, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
How you tried to solve it, and what the result was: I noiced that the CASproc.exe were running at below normal priority(6), and have used Process Tamer (a utility) to increase the priority level (to 10). So far (for 3 weeks) these problems have not reccurred.
Please append memory dumps or screen shots if possible. None yet
Any other relevant information: Seems to have occurred since re-installation of CSE - link to their joint ussage of CEMLSP.Dll maybe?
What the problems is: Outlook locks up when sending and receiving occasionally (about once per week) when used with CAS. This lockup occurs without any CASproc being launched, and with no error message from Outlook - the Outlook send receive dialog just stays open, showing 25-50% progress for ever (most usually 50% suggesting all sends but no receives done). After a lock-up Outlook will not send receive normally again until Outlook has been closed and re-opened. Closing Outlook requires use of taskmanager ‘kill’ facility, as otherwise Outlook (if you close by File ~ Exit) is left open with no UI displayed. It’s very difficult to find any PC-related pattern in these lockups, suggesting perhaps it is something like a server response that is received infrequently, and CAS cannot handle.
Whether you can reliably reproduce the problem and if so exactly how: Not reproducible, apparently random
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, CSE, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
How you tried to solve it, and what the result was: N/A
Please append memory dumps or screen shots if possible. Please see appended.
Any other relevant information: NB CSE is installed, but this bug still seems to occur if CSE processing is disabled. No SSL accounts are being filtered by CAS. CIS settings See appended config report for details.
What the problems is: Non-quarantined emails are downloaded in duplicate after Outlook error saying something like: ‘Your email server reported an internal error. If this problem persists, please contact your email service provider’. The account concerned is monitored by CAS. Unlike other duplication errors, this error does not seem to be related to standby mode, or SSL accounts (My SSL account was disabled).
Whether you can reliably reproduce the problem and if so exactly how: Not possible to replicate, has only happened once.
Your Operating System & version: XP SP3
Other Security and Utility Software Installed: Comodo - CIS, CVE, CIV, CLP, CSE, Easy VPN; Other- Filezilla, Wallwatcher, Sony Ericsson PC software, Actual Window Manager, Routerstats, Revo, Process Explorer, Copernic Desktop,
How you tried to solve it, and what the result was: N/A
Please append memory dumps or screen shots if possible. Update: now appended
Any other relevant information: CSE re-enabled about a week ago, otherwsie no recent relevant changes in email settings. My best guess is that CAS does not properly trap and deal with the server error. It is also possible since CAS is operating as a proxy, that Outlook is ‘seeing’ CAS as a server and is reporting a CAS error.
My opinion on importance: Moderate - due to low frequency
Update: I have now managed to trap the Outlook error message (appended)