vbSendMail Virus Scan Issue


I'm trying to use vbsendmail (freeware) to send emails from my app using smtp. Works fine on my personal computer, but at work having a problem with the virus protector. The app will be installed on a server and I cannot control the firewall nor the virus scan software.

How can I get around this?

thanks I'm quite at a loss....
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

"and I cannot control the firewall nor the virus scan software. " - Simple answer, your going to have too. Smtp will be sending the mail out on port 25, so make sure your firewall allows outbound traffic on that port (it should already).

Second, regarding the antivirus, which version is it, what company makes it. (I'm guessing McAfee here for some reason). If this is a standalone application, I don't think there should be a problem. Most AV's only hook into the popular email clients. I don't ever recall seeing a TDI filter included in an AV product, then again, never really looked.

I've never used this vbsendmail control before and have no idea how it works, if it is using outlook automation, then that's probably what is triggering the AV. If that is the case, writting an SMTP engine yourself should solve the AV problem. There are plenty of open source smtp engines in VB on planetsourcecode.com.

surfsista9Author Commented:
vbsendmail is using wsock32 -- it is a freeware dll not a control. Apparently what I've read this dll is very mature and used quite a bit.  I haven't looked at the source code yet, but possibly there is something I can modify so this can work with McAfee?

You are right the AV is McAfee.
surfsista9Author Commented:
Vbsendmail is not using outlook automation at all.
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Sorry for the slow reply...

In that case, McAfee must include some sort of network filter (or it's hooking 'nasty like' as usual). McAfee is horrible about patching images in mem ect...

If there is no config option to disable the behavior that is giving your problems, don't try to defeat it. McAfee hooks so invasivly, you'll ultimatly make the system unstable if you try to bypass what it's doing. Remember, a large portion of it runs in kernel land, you can't compete on that level with VB.

The best way to get past this in my opinion would be to unistall McAfee. You can in turn install a different AV on this server, CA sucks but doesn't hook like McAfee does (at least not as bad).
surfsista9Author Commented:
Forgive my lack of knowledge...it seems I'm always stuck doing things I know little about. Do not ask me why...but, I'm curious how they are using smtp to send mail in other ways (other than wsock)  with McAfee. Somehow they must send mail using smtp. Guess I need to research.
//Forgive my lack of knowledge...
Forgive my crappy way of expaining what is going on here.

//it seems I'm always stuck doing things I know little about.
This is how we all learn.

//I'm curious how they are using smtp to send mail in other ways (other than wsock)  with McAfee. Somehow they //must send mail using smtp.

It is using Winsock, since I haven't walked threw McAfee I can't tell you exactly what is happenin here but I can make some well informed guesses. McAfee hooks and patches in memory images a lot!!! What it is most likely doing is locating the 'in memory' image of the winsock dll. It then modifies the image in memory (it locates certain functions and modifies those by injecting it's own code). Then, when your program calls a winsock function, the call must go threw the normal winsock code, and then the code inserted into winsock by McAfee. Winsock is still being used, but it's behavior is modified from the code that McAfee injected. It's like taking a detour, you still get where you were going but it takes a little longer and you travel a different route. Same concept here, just with program flow - execution. This is esentially a hack and is a crappy method of doing this...

Now, after I just finished typing all that, I'm starting to have a vague recollection of McAfee using a LSP filter. I'm going to have to tear into McAfee later. Now I'm curious :-). I'll load McAffee onto my test machine tonight and fire up the kernel debugger to get a definitave answer on how McAfee does this....

None the less, switching AV products would still fix this. As I said earlier, trying to go around what McAfee is doing will lead to the system being unstable.



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
surfsista9Author Commented:
Thanks for the info.

Interestingly, it works on the server I needed it to work on (for another company) that has McAfee as well...so apparently they do not have this filter set. Eventually I will need to get this to work on the other company, so very interested in what you find out.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Programming Languages-Other

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.