
Rogers.com?

Posted: Mon Oct 11, 2010 2:23 pm
by genezix
Why does Deluge attempt to make a secure mail connection to Rogers.com?

Re: Rogers.com?

Posted: Mon Oct 11, 2010 2:51 pm
by johnnyg
It shouldn't, unless you've configured the notification plugin to send emails via there...

Re: Rogers.com?

Posted: Mon Oct 11, 2010 3:30 pm
by genezix
Well according to Avast, Deluge tried to open a POP3 connection on port 995 to Rogers.com. I guess it was using SSL which is why Avast anti-virus asked to take care of the SSL part so it could scan any incoming mail. The notification plug-in isn't installed. I've just been using the basic Deluge.

Edit: v1.3.0

Deluge spyware?

Posted: Mon Oct 18, 2010 3:24 pm
by dmdn
I've encountered something similar, see the image/link below.

Image

I'm on a quite new installation and am a new Deluge user, running under Windows 7 with no plugins or notifications or update checking enabled. However, I only lately turned Avast mail shield on and it almost immediately caught this. So of course this is suspicious.

I can think of two possibilities here - either some people run torrent on mail server ports or Deluge (at least the Windows port) is spyware. I can understand that most likely the first one is correct (although webhosts usually prevent using mail servers/ports without reason because of spam possibility) but the risk of this being spyware is too high. I will be uninstalling Deluge immediately and it isn't going to come back.. :(

Re: Rogers.com?

Posted: Mon Oct 18, 2010 4:24 pm
by johnnyg
Did you check to see if you had a peer at that ip?
It's possible that you are connecting to a peer who's using a port normally used for IMAP (which is confusing your AV).
Otherwise, you could try running Wireshark to get a better idea of what's going on.

In any case, Deluge ISN'T spyware.
You don't have to take my word on it, you can just look at the source.
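
One way to carry out the check suggested in the post above, as an added example (not part of the thread and not Deluge code): given the first bytes the client sent on each connection to a mail port, taken from a Wireshark capture, tell a BitTorrent peer handshake from a TLS ClientHello and note whether the address is in the client's peer list. The flows, addresses and function names are constructed for illustration.

```python
# Added example: flows, addresses and names below are constructed, not taken from the thread.
BT_HANDSHAKE = b"\x13BitTorrent protocol"  # pstrlen (19) + pstr from the peer wire protocol
MAIL_PORTS = {110: "POP3", 143: "IMAP", 993: "IMAPS", 995: "POP3S"}

def classify_first_bytes(payload: bytes) -> str:
    """Classify the first bytes the client sent on a new TCP connection."""
    if payload.startswith(BT_HANDSHAKE):
        return "bittorrent-handshake"
    # TLS record header: type 0x16 (handshake), major version 0x03, two length bytes;
    # byte 5 is the handshake message type, 0x01 for ClientHello.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls-client-hello"
    # Encrypted/obfuscated BitTorrent starts with random-looking key material,
    # so it cannot be identified from a fixed prefix.
    return "unknown"

def triage(flows, peer_ips):
    """Return (ip, port, service, kind, is_known_peer) for flows to mail ports.

    flows: iterable of (dst_ip, dst_port, first_payload_bytes) from a capture.
    peer_ips: set of addresses copied from the client's peer list (assumed input).
    """
    report = []
    for ip, port, payload in flows:
        if port in MAIL_PORTS:
            report.append((ip, port, MAIL_PORTS[port],
                           classify_first_bytes(payload), ip in peer_ips))
    return report

# Constructed sample data (documentation address ranges).
SAMPLE_FLOWS = [
    ("192.0.2.10", 995, BT_HANDSHAKE + bytes(8) + bytes(20) + b"-XX0000-" + bytes(12)),
    ("198.51.100.7", 995, bytes.fromhex("160301002f0100002b0303") + bytes(36)),
    ("203.0.113.5", 993, bytes(range(7, 103))),
    ("192.0.2.44", 51413, BT_HANDSHAKE + bytes(48)),
]
SAMPLE_PEERS = {"192.0.2.10", "203.0.113.5", "192.0.2.44"}

if __name__ == "__main__":
    for row in triage(SAMPLE_FLOWS, SAMPLE_PEERS):
        print(row)
```

A BitTorrent handshake to a listed peer on port 995 matches the explanation given in the post; a TLS ClientHello to an address that is not a peer is the case that calls for a closer look at the capture.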

Re: Rogers.com?

Posted: Wed Oct 20, 2010 6:43 pm
by dmdn
At the point when I noticed the notification, there was no peer connection to that IP. And you should also note that I already said the likely culprit is someone running torrent in mail ports, it's just that there's always a degree of trust needed when you use other people's software. But for torrent, I don't actually need to trust Deluge as there are other alternatives, so I can afford a little overreaction and paranoia here. ;) Not blaming anyone though.

Btw, like everyone should know, something being open source does not guarantee that any builds are spyware-free, just that the original source is (and that only if you actually check it) and with enough trouble you can make your own build if you're too concerned. I'm not here to bash open source (or Deluge), just replying to someone else with the same notes (and also provided the likely explanation which the previous messages didn't include).