Why does uTorrent send mail - possible trojan?

magick

magick

magick

Soldato
Joined
11 Apr 2004
Posts
4,413
I've got uTorrent v1.6.1 and zone alram detetced it trying to send SMTP mail to the following IP 195.148.79.89
The previous version of uTorrent I had also did the same. I've set zone alram to deny it always. I also used Neotrace to track down the IP and it's come up with :-

Neotrace said:
Name: vekkulit.tontut.fi
IP Address: 195.148.79.89
Location: Tampere (61.500N, 23.750E)
Network: TOAS-NET

Registrant contact information is not available.
Click to expand...

So anyone know why a torrent program would need to send mail annonomously? Don't a lot of trojans log keystrokes then mail them out? I've scanned it for virus's, as I did the previous version, and it's come up clean.
 
Last edited:
did you get utorent from the official site?

may be that zonealram is reporting a phantom error, or saying its something its not?

Im using the 1.7beta and have never seen this with any other version of utorrent over the past 2 years

From "elsewhere"

On further investigation I find there is an option in the advanced preferences of utorrent for just this type of situation.

bt.no_connect_to_services - Set to true will not connect to any ports that confuse firewalls

Also you you dont have it set up to use port 25 do you ?

This demonstrates that things aren't always as they first appear and that your firewall can get confuzed sometimes!
 
Last edited:
gizmoy2k said:
bt.no_connect_to_services - Set to true will not connect to any ports that confuse firewalls

Also you you dont have it set up to use port 25 do you ?
Click to expand...

Already set to true and I downloaded from the offical uTorrent site. As for port settings on 'port used for incoming connections' it's set to 40931.
 
Think I saw this mentioned a while back - I remember doing a google and finding that uTorrent sometimes uses a port usually that is more commonly used for email, and so firewalls will detect it as such. I doubt there's any actual harm going on.
 
You must log in or register to reply here.
Back
Top Bottom