Menu
What's new
By:
Filters Better Search

email alert - trend micro AI protection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

criminala

Regular Contributor
Not sure if it also not working in the official Asuswrt (never used that) . But in Asuswrt Merlin I tried to use the email alert option with a gmail address (specifically created for this , untrusted apps allowed , imap opened etc.) , yet when I visit a test malware (https://www.wicar.org/test-malware.html) website , the counter of mliscious sites blocking goes up but no email is being sent .
Logs also do not make mention of a sent email .

Used the corect email and password in the box of "alert preference" . (tried also to not include @gmail.com , but no difference)

Anyone else noticed this ? Or maybe , someone who has this working on 386.1 ?
 
It's working for me on 386.1. You have to create an app password in your Google account if you have two-factor authentication enabled instead of using your actual password.
 

Attachments

  • Screenshot_20210203-070206.png
    Screenshot_20210203-070206.png
    164.8 KB · Views: 223
Good to see someone has it working !

I do not have 2fa enabled myself because I do not want to link my phonenumber to an account only used for occasionally sending these aiprotection reports .
But just spent hours on trying to create another QQ/AOL/gmail account to no avail . :(

I have the gmail account to allow less secure apps but even that is not enough apparently . Also tried adding a recovery email in gmail , but did not change anything either .
Think I will have to give up on this as the current implementation is -IMO- rather incomplete . Most things who use your account for sending email redirect to the gmail/365 website and make you login directly . (synology comes to mind)

No way to disable this option either . The router might as well hammer the gmail servers right now or every time it wants to send an email .. . No idea .
 
Last edited:
criminala said:
Good to see someone has it working !

I do not have 2fa enabled myself because I do not want to link my phonenumber to an account only used for occasionally sending these aiprotection reports .
But just spent hours on trying to create another QQ/AOL/gmail account to no avail . :(

I have the gmail account to allow less secure apps but even that is not enough apparently . Also tried adding a recovery email in gmail , but did not change anything either .
Think I will have to give up on this as the current implementation is -IMO- rather incomplete . Most things who use your account for sending email redirect to the gmail/365 website and make you login directly . (synology comes to mind)

No way to disable this option either . The router might as well hammer the gmail servers right now or every time it wants to send an email .. . No idea .
Click to expand...
Criminala,

I use Gmail's App Password generated by Google mail to setup my AiProtection Alert Preference and it has been working ever since Asus introduced AiProtection. https://support.google.com/mail/answer/185833?hl=en

Just try if it works for you, if Alert Preference is setup correctly, you should get an email notification almost immediately.

PS: If you try to login to send gmail for the first time on a platform / browser, I think there is a verification / authentication process. So my suggestion that you should consider to use App Password instead where there is no verification / authentication process.
 
LimJK said:
if Alert Preference is setup correctly, you should get an email notification almost immediately.
Click to expand...

I can confirm that.

Just created a new Gmail App Password for AiProtection purposes and got the verification immediately:

ASUS RT-AC68U Notice - Notify Mail Verify

Dear user,

This is for your mail address confirmation and please click below link to go back firmware page for configuration.
Click to expand...
 
I just tried with yet another Google account (custom domain one , not @gmail.com) where I have app password activated . Sais WRONG MAIL DOMAIN when I enter and apply in AIprotection alert preference . I think the alert funtion of aiprotection is just half baked and poorly implemented really .

dumb code responsible for rejecting a perfectly fine Google account :
if(account_temp[1] != "gmail.com" && account_temp[1] != "aol.com" && account_te >
alert("Wrong mail domain");
Click to expand...


If someone knows where I can input my own smtp server into a config file maybe ? Or maybe the place where it stores the google account settings so I can input my custom domain there without the dumb wrong mail domain check ?

Using the standard input box for Google , AOL , QQ , 163 are no options for me .

If not I will just stay away from the email alerts completely :)
 
Last edited:
I was able to trick the webpage by changing AiProtection_HomeProtection.asp on the router , so I could use my own Google account .
While it accepts the input now (instead of giving wrong mail domain error) , I am not getting the mails .
 
criminala said:
when I visit a test malware (https://www.wicar.org/test-malware.html) website , the counter of mliscious sites blocking goes up
Click to expand...

Now afterwards when I went to that website with Firefox and MS Edge and pressed a few malware test buttons there, my Trend Micro didn't record any events. Of course in many cases the browser immediately gave me an alert of unsafe site. But not always.

Anyway, should that site cause some action in AiProtection of my router?

I have some "Details of Successfully Protected Events" listed in AiProtection - Malicious Sites Blocking, but the dates are from year 2019 or something like that. Maybe my AiProtection is broken? :confused:

edit: Does VPN or DoT affect the situation? Or Skynet or Diversion AddOns?

edit2: When I tested wicar site with my mobile phone (connected to my router) I got the Trend Micro Warning all right. But still no events in AiProtection - Malicious Sites Blocking. Why?

edit3: Seems that I am suffering from this problem too (no events, no graphs):

www.snbforums.com

AiProtection: GUI always shows 0

My router is on 384.16 and AiProtection (Malicious Sites Blocking, Two-Way IPS, Infected Device Prevention and Blocking) is on. The GUI however always shows 0 events and no graphs. NAT acceleration is off. I cannot remember to have ever seen anything else than 0 for several firmware versions. I...
www.snbforums.com www.snbforums.com
 
Last edited:
Diamond67 said:
edit3: Seems that I am suffering from this problem too (no events, no graphs):

www.snbforums.com

AiProtection: GUI always shows 0

My router is on 384.16 and AiProtection (Malicious Sites Blocking, Two-Way IPS, Infected Device Prevention and Blocking) is on. The GUI however always shows 0 events and no graphs. NAT acceleration is off. I cannot remember to have ever seen anything else than 0 for several firmware versions. I...
www.snbforums.com www.snbforums.com
Click to expand...

I got my events and graphs back and alive again with these instructions:

RMerlin said:
You can try deleting the database, however the logging issues seems to be a long-time random issue that pops up now and then for certain models. Stop AiProtection, then delete the existing database:

Code: 
rm -rf /jffs/.sys/AiProtectionMonitor/*

Then re-enable AiProtection.
Click to expand...
 
@Diamond67 also make sure than when your edge safebrowsing or anything else on your pc intervienes/stop/blocks the website , it will not be recorded as an event in the router . So important for a test is to press continue on the maliscious test website , until you get to see the block by the router itself . Only then you can be sure a router event will be (should be) created .
 
I tested again with wicar site. There were new events created in AiProtection - Malicious Sites Blocking etc. But this time, for some reason, I didn't get the alert emails.

Earlier I noticed that two event.txt-files appeared in /jffs/.sys/AiProtectionMonitor/ -directory and those files were sent to me as alert email attachments.

But this time when I did not get the emails at all there were no .txt-files generated either in /jffs/.sys/AiProtectionMonitor/ -directory. This system seems to be a bit unreliable or buggy.
 
You must log in or register to reply here.

Similar threads

J
Alert Preference - Email notification issues
Replies
3
Views
536
JoSmittyCan
J
E
Alert preferences AI protection 386.7 not working
Replies
2
Views
892
eastavin
E
E
DNS over TLS vs Trend Micro AI Protection Pro
Replies
3
Views
1K
Tech9
Tech9
torstein
Solved AiProtect and iCloud Private Relay
Replies
1
Views
2K
RMerlin
RMerlin
R
Sendmail or MSMTP as Relay Agent - Config Help
Replies
4
Views
1K
Maverickcdn
Maverickcdn
Similar threads
Thread starter Title Forum Replies Date
H Do AiProtectipn Email Notifications Actually Work? Asuswrt-Merlin 10
H Send Test Email From AiProtection? Asuswrt-Merlin 3
AppleBag Email Notification when new Firmware available? Asuswrt-Merlin 5
D False alert for "Unable to connect to the Internet" Asuswrt-Merlin 3
TheLyppardMan Firmware update alert Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 811 (members: 24, guests: 787)
Top