Setting up eMule. Security. Setting up eMule. Security.

Setting up eMule. Security.

IP Filter

IP filters are used to restrict connections to and from your client. All IP ranges that are entered in the ipfilter.dat file cannot connect to eMule nor can eMule connect to them. This file can be edited via the Edit Button and is saved in eMule's install folder. For more information on filtering IP see the topic IP Filters of this FAQ. eMule has to Reload the ipfilter.dat file before any changes apply.

Filter Servers too
The IP-Filter rules are usually only valid for other clients. This option will extend the filtering to servers as well.

Each entry of the ipfilter.dat has an access level assigned. This value describes how trustworthy this entry is. High values (default 128+) are considered secure whereas lower values are to be blocked. The Filterlevel determines the limit of blocking. Each entry in ipfiletr.dat which has an access lower than the set Filterlevel will be denied connection to eMule. The default value should not be changed.

Update from URL
Entering a link to a filter file and pressing Load will add the found IPs to eMule's ipfilter.dat. See the IP Filter chapter for links and more information.

See my shared files/directories

This option is used to determine who can requests lists of your shared files and directories. It offers three settings:

Any client that want to know what files you have shared will be sent an overview of your shared files/directories.

Friends Only
Only people you have added to your friends list will be able to see your shared files/directories.

eMule will deny all requests for displaying your shared files/directories. .

Protocol Obfuscation

Protocol Obfuscation tries to mask your eMule traffic so that it becomes harder to block by your ISP, who may be throttling your connection. See Protocol Obfuscation for more information regarding these settings.

Enable Protocol Obfuscation
If you think that eMule is throttled on your network, you should enable this function. Whenever possible eMule will use obfuscated connections and will ask other clients to do the same when connecting to your client. When connecting to a server, eMule will try to establish an obfuscated connection first and only if this fails choose a normal one. There are in general no disadvantages by using this option, except insignificant higher CPU usage and very few bytes more overhead, so you can't really do anything wrong by enabling this setting.

Allow obfuscated connections only
If you enable this option, eMule will only establish and accept obfuscated connections. Clients which do not support obfuscations are ignored, incoming plaintext connections rejected and the automatic server connect will only allow obfuscated connections to a server. You should only choose this setting if you know that the ED2K Protocol is completely blocked on your network, otherwise you will loose sources and therefore slow down your eMule. However if you know that eMule is blocked, then enabling this option is recommended, because it saves connection tries which are guaranteed to fail and therefore would waste time, overhead and resources.

Disable support for obfuscated connections
If for some reason you want to disable the whole obfuscation feature completely you can choose this option. In general for most users there is no reason nor advantage in doing this.


Use secure identification
It is recommended to use the secure user identification. For more information on this topic see here.

Run eMule as unprivileged User
This option is only available in the Win NT series (2k, XP, 2003) and allows eMule to profit from the tighter security these systems provide. Most users are logged on to their machine with an Administrator account. This account type allows them and all executed software full control over the system. In this case also all malicious code executed will have its full bad effect.

Running eMule as unprivileged user will create an own user account in the operating system called emule_secure and sets the permissions for full access to the folders it needs (installation folder, temp and incoming folders) for this special user. Otherwise this account is heavily restricted and denies access to other parts of the system. eMule starts itself under this user account making sure that any malicious code which may be injected has no rights on the system, thus not being able to do any harm. This is a preventive measure in case of any vulnerable code is found which could be exploited.