NAV positions itself between the
POP3 mail server and the e-mail client making it a critical link.
When it malfunctions it can halt e-mail delivery.
The tricky thing about e-mail
scanning is that it has to take place in real-time. Once the e-mail
shows up in your in-box it's too late in many cases to prevent
damage by a malicious worm or attachment. The anti-virus software
has to therefore intercept the e-mail message after it leaves the
POP3 server at the ISP but before it gets to the PC's e-mail
program. NAV does this by installing a virtual POP3 server on the
PC. (N.B. NAV can't scan HTTP accounts like Hotmail). When NAV2000
is installed it creates this virtual server, giving it an address of
127.0.0.1 (a standard loopback IP address); NAV2001 calls it
pop3.norton.antivirus. All incoming mail is then routed through this
virtual server before being sent to your inbox.
If you press CTRL-ALT-DELETE you
will see a program running called Popproxy. This is NAV's virtual
server. The system will work fine as long as NAV's virtual POP3
server is open for business. If this process gets shut down, the
virtual server will stop working and no mail will get forwarded to
the e-mail client.