“Why is DC++ trying to send email?”

“… or connect to FTP, or telnet, or DNS or …”

This is a question that comes up regularly on the support forum and the short answer is: It isn’t.

The slightly longer answer is that this message is being produced by a software firewall which is misinterpreting what DC++ is doing, in a naive (one might even say stupid) manner.

The even longer answer requires a bit of knowledge about “How Things Work”.

Firstly, two pieces of information regarding setup:

Secondly, how a download (in Active mode) proceeds:

  • You want to download a file from me, so you tell me this.
  • I tell you to connect to my listening port.
  • You connect to my listening port and after some handshaking, the download begins.

Seems fairly straightforward, right? Well the problem comes with the listening port I choose. This can be any number between 1 and 65535. In fact, I can pick a port that is commonly used by another network service such as port 25 (SMTP) which is used for sending email.

When you connect to my listening port to start off the download, your firewall notices the activity on port 25 and springs into action. It thinks you are making a connection to an SMTP server to send mail, so in a Clippy-esque fashion, it says to you “It looks like you’re trying to send email! Would you like me to allow that?”

If the firewall were to look at what was being transmitted, it would clearly see that it has nothing to do with email. But it blindly works based solely on the port number and throws up a spurious warning message.

So in conclusion, take what your firewall tells you with a pinch of salt.

One Response to “Why is DC++ trying to send email?”

  1. BWMerlin says:

    Hmmm interesting, all the clients on my DC network use port 1090 as the listening port and Norton always flags it as a worm. I always assumed it was because Norton was incompetent rather than it was because DC was using 1090 as the ports. It gets more interesting in that Norton is the only AV or firewall that I have dealt with that claims DC is a worm everything else is happy to allow DC through with no setting changes in regards to AV’s while firewalls just ask whether to allow or block the connection. Thanks this has been a good “oh so that’s why it does that” post.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: