vbSendMail Virus Scan Issue

Posted on 2006-04-14
Last Modified: 2013-11-13

I'm trying to use vbsendmail (freeware) to send emails from my app using smtp. Works fine on my personal computer, but at work having a problem with the virus protector. The app will be installed on a server and I cannot control the firewall nor the virus scan software.

How can I get around this?

thanks I'm quite at a loss....
Question by:surfsista9
    LVL 8

    Expert Comment

    "and I cannot control the firewall nor the virus scan software. " - Simple answer, your going to have too. Smtp will be sending the mail out on port 25, so make sure your firewall allows outbound traffic on that port (it should already).

    Second, regarding the antivirus, which version is it, what company makes it. (I'm guessing McAfee here for some reason). If this is a standalone application, I don't think there should be a problem. Most AV's only hook into the popular email clients. I don't ever recall seeing a TDI filter included in an AV product, then again, never really looked.

    I've never used this vbsendmail control before and have no idea how it works, if it is using outlook automation, then that's probably what is triggering the AV. If that is the case, writting an SMTP engine yourself should solve the AV problem. There are plenty of open source smtp engines in VB on


    Author Comment

    vbsendmail is using wsock32 -- it is a freeware dll not a control. Apparently what I've read this dll is very mature and used quite a bit.  I haven't looked at the source code yet, but possibly there is something I can modify so this can work with McAfee?

    You are right the AV is McAfee.

    Author Comment

    Vbsendmail is not using outlook automation at all.
    LVL 8

    Expert Comment

    Sorry for the slow reply...

    In that case, McAfee must include some sort of network filter (or it's hooking 'nasty like' as usual). McAfee is horrible about patching images in mem ect...

    If there is no config option to disable the behavior that is giving your problems, don't try to defeat it. McAfee hooks so invasivly, you'll ultimatly make the system unstable if you try to bypass what it's doing. Remember, a large portion of it runs in kernel land, you can't compete on that level with VB.

    The best way to get past this in my opinion would be to unistall McAfee. You can in turn install a different AV on this server, CA sucks but doesn't hook like McAfee does (at least not as bad).

    Author Comment

    Forgive my lack of seems I'm always stuck doing things I know little about. Do not ask me why...but, I'm curious how they are using smtp to send mail in other ways (other than wsock)  with McAfee. Somehow they must send mail using smtp. Guess I need to research.
    LVL 8

    Accepted Solution

    //Forgive my lack of knowledge...
    Forgive my crappy way of expaining what is going on here.

    //it seems I'm always stuck doing things I know little about.
    This is how we all learn.

    //I'm curious how they are using smtp to send mail in other ways (other than wsock)  with McAfee. Somehow they //must send mail using smtp.

    It is using Winsock, since I haven't walked threw McAfee I can't tell you exactly what is happenin here but I can make some well informed guesses. McAfee hooks and patches in memory images a lot!!! What it is most likely doing is locating the 'in memory' image of the winsock dll. It then modifies the image in memory (it locates certain functions and modifies those by injecting it's own code). Then, when your program calls a winsock function, the call must go threw the normal winsock code, and then the code inserted into winsock by McAfee. Winsock is still being used, but it's behavior is modified from the code that McAfee injected. It's like taking a detour, you still get where you were going but it takes a little longer and you travel a different route. Same concept here, just with program flow - execution. This is esentially a hack and is a crappy method of doing this...

    Now, after I just finished typing all that, I'm starting to have a vague recollection of McAfee using a LSP filter. I'm going to have to tear into McAfee later. Now I'm curious :-). I'll load McAffee onto my test machine tonight and fire up the kernel debugger to get a definitave answer on how McAfee does this....

    None the less, switching AV products would still fix this. As I said earlier, trying to go around what McAfee is doing will lead to the system being unstable.



    Author Comment

    Thanks for the info.

    Interestingly, it works on the server I needed it to work on (for another company) that has McAfee as apparently they do not have this filter set. Eventually I will need to get this to work on the other company, so very interested in what you find out.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Having just graduated from college and entered the workforce, I don’t find myself always using the tools and programs I grew accustomed to over the past four years. However, there is one program I continually find myself reverting back to…R.   So …
    Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
    The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
    This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now