Hi all,
Currently trialing a number of anti-spam programs while waiting for further development / improvement of Comodo anti-spam.
Here’s the question. One of the default firewall Zones is set 127.0.0.1 as a Trusted Zone.
Should this be changed if your using Anti-spam filtered to that IP such as in Popfile or Spamhillator?
Eric
Meaning that you don’t trust the machine that your keyboard and monitor are attached to? This kind of gets back to the original question that Rene Descartes asked way back when, coming up with the answer of “I think therefore I am”. By trusting localhost, 127.0.0.1, means that you trust yourself and the processes you’re running. Gotta start somewhere.
Going back to the historical definitions, when Internet networking was a new and untried thing (circa 1975), folks found that services accessible over the network simply weren’t available to the processes running on the very same machine. Process pipes aren’t the same thing as IP addresses, and the two exist in different universes. The engineering solution was to define a pseudo address for the machine, allowing processes to talk to itself as well as talk to LAN neighbors. Convention agreed to by everybody in the room, was that any host will call itself 127.0.0.1, and that the entire 127.0.0.0/8 address space would be reserved for localhost daemons and services. This was, I think, before they found out that the machine would seize up polling interrupts for all those addresses, and had to come up with dispatching daemons like inetd.
Does that help?
Yes, that helps. I was just curious is all as my email was routed through to 127.0.0.1 when using antispam software.
I seem to be getting problems with Outlook.exe shutting down properly with each anti-spam product I install. There even seems to be a problem with avast and some antispam apps.
Eric
That’s an example of why 127.0.0.1 came about. Otherwise the email program would have to be configured to use local process communication, rather than simply changing an IP address.
Re Outlook… The full blown Outlook program is part of the Office package, and is intended for use on a LAN, and so tries to stay in constant contact with a LAN server. That keeps calender, and all the other Outlook non-email functions, functioning. More typical email-only programs don’t make the assumption they’re running in an office LAN environment, and so behave a little more reasonably. It’s just different design assumptions.
Since Outlook is talking to the antispam virus filter that’s on the machine, the LAN connection is really just the bit next door, from one process to the other. In other words, “it’s working as designed”.
You need to configure the ports used for localhost (127.0.0.1) to keep all the antispam and antivirus sorted out. Avast! is a transparent proxy and can be set up to scan email on whatever port you want and put it out on the same port. What you want to avoid is an AV and an ASpam fighting each other and your mail client to intercept your mail. So you would like to have the AntSpam connect to the email server on port 110, scan it, then put the approved mail out on port 12110 (the port Avast! actually uses for the mail proxy) for virus scanning, and then have Avast! pass the mail on to Outlook after virus scanning. So it will look to Outlook like you are picking up mail directly from the internet via localhost.
YMMV since I don’t use Outlook or an AntiSpam, but you are really just building a TCP/IP Daisy chain of outbound connections via localhost to accomodate mail treatment before it gets to Outlook. I do the same thing for encrypted email, but use Avast! and Stunnel as the proxies for scanning and encryption instead and have Stunnel connecting directly to the email server on port 995 and decrypting the mail before passing it on to Avast! and then to Thunderbird on localhost port 11110. 
[attachment deleted by admin]