Please help: Comodo stops 30 HIGH SEVERITY events

I am thinking that I simply need to set up a new rule as I am pretty sure that my computer is safe. However, I need to check with you all just be to be sure. My service provider is COMCAST. However, I get my inbound email through Network Solutions.

In any case, I get to my computer this morning to see that CPF blocked 30 High severity events between the hours of 12noon and 5pm yesterday. It was the same event each time stopped by the Application monitor or the Application Behaviour Analysis.

Description: Application Access Denied. msimn.exe: (IP ADDRESS) : pop-3 (110)

Application: C:\Program Files\Outlook Express\msimn.exe

Protocol: TCP OUT

Destination: (IP ADDRESS) pop-3(110)

The IP address listed in the log is owned by Network Solutions.

NOTE: I just upgraded to Internet Explorer 7 Sunday morning.

Any idea what this is? Should I keep blocking or make a rule? If I should make a rule, what should it be?

I suspect that OE is trying to either check if you have new mail or download your new emails.

Which email client do you use?

It probably started because the MSIE7 upgrade also upgraded the whole of OE or some of its components. CPF is probably blocking this because OE is attempting an invisible connection attempt (without user interaction).

Yep…I use Outlook Express. The thing is, it check for emails every 5 minutes. I haven’t had this happen since 5pm last night. Would Comodo have self corected?

It is possible. But, I don’t think there have been any trusted application updates from Comodo (I might be wrong - I’ve no way of checking). I think that it is more likely, that you answered a CPF pop-up relating to OE and/or rebooted… the reboot bit might be needed if at some point you had blocked something. Did you run a scan for know applications?

I did runa scan for known applications. But not since isntalling IE7. Maybe ai shouild that.

Probably not. Mainly because I don’t think Comodo have updated CPFs trusted app database since MSIE 7 Final was released. The CPF team are completely focused on the next version at the moment.