LinuxQuestions.org - Email traffic analysis wireshark

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Email traffic analysis wireshark (https://www.linuxquestions.org/questions/linux-server-73/email-traffic-analysis-wireshark-4175430303/)

amendoza

10-03-2012 11:03 AM

Email traffic analysis wireshark

How to capture traffic of remote email server

unSpawn

10-03-2012 12:41 PM

Quote:

Originally Posted by amendoza (Post 4796141)

How to capture traffic of remote email server

You could write traffic to file (analyze later from file with Wireshark):

Code:

tcpdump -s0 -w /path/to/file.pcap tcp dst port 25

and if you want to capture traffic then to your local SMTP port add:

Code:

tcp dst port 25

or if you want to capture traffic between any (local or remote) SMTP port use:

Code:

tcp port 25

All times are GMT -5. The time now is 09:30 PM.