[105307] in North American Network Operators' Group


Re: SMTP no-such-user issues

daemon@ATHENA.MIT.EDU (Nathan Ward)
Tue Jun 17 09:22:10 2008

From: Nathan Ward <nanog@daork.net>
To: nanog list <nanog@nanog.org>
In-Reply-To: <4857BA0C.70502@ibctech.ca>
Date: Wed, 18 Jun 2008 01:21:40 +1200
Errors-To: nanog-bounces@nanog.org


On 18/06/2008, at 1:20 AM, Steve Bertrand wrote:

> Steve Bertrand wrote:
>> Frank Bulk - iNAME wrote:
>>> Once you've performed a full capture on port 25, Wireshark does a nice job
>>> of providing an option to extract the relevant conversation by
>>> right-clicking on just one packet in that conversation and choosing
>>> something called "Follow the TCP stream", I believe.
>> Ok. I've never captured in tcpdump and then imported into Wireshark  
>> before, but I'll do some tests, scp the file to my Windows  
>> workstation, then follow the stream.
>> Once I ensure I get a clean stream, I'll post the results.
>
> As I research the documentation on the how-to specifics on capturing  
> with tcpdump in a format that is Wireshark compatible, is there  
> anyone here that could perform a simple test against their own  
> domain email system, that can confirm or deny what I have been  
> witnessing?


Wireshark reads pcap files. Spit them out with this option on the  
tcpdump commandline.

-w file

--
Nathan Ward
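
The file that `tcpdump -w file` writes can be checked without Wireshark. The reader below is an added example, not part of the original message: it parses a classic pcap file and lists the TCP payloads on port 25, flagging records that were cut short because the snapshot length (`-s`) was smaller than the packet. The function names and the two-packet sample capture are constructed for illustration, and only Ethernet/IPv4 is handled.

```python
import struct

def read_smtp_payloads(pcap, port=25):
    """Return (direction, payload, truncated) for each TCP segment on `port`
    in a classic pcap file (the format `tcpdump -w file` writes)."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                      # written on a little-endian host
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    out, off = [], 24                  # 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        # IPv4 over Ethernet, protocol 6 (TCP) only
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = 14 + (frame[14] & 0x0F) * 4
        if len(frame) < tcp + 20:
            continue
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]
        sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]
        if port in (sport, dport) and payload:
            out.append(("S" if sport == port else "C", payload, incl < orig))
    return out

def build_sample_pcap(snaplen=65535):
    """Constructed two-packet capture (not taken from the thread)."""
    def frame(sport, dport, data):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 65535, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                         bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp + data
    frames = [frame(40000, 25, b"RCPT TO:<nobody@example.com>\r\n"),
              frame(25, 40000, b"550 5.1.1 User unknown\r\n")]
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for f in frames:
        kept = f[:snaplen]             # what the capture would keep
        blob += struct.pack("<IIII", 0, 0, len(kept), len(f)) + kept
    return blob

if __name__ == "__main__":
    for who, data, cut in read_smtp_payloads(build_sample_pcap()):
        print(who, data.decode("ascii", "replace").rstrip(), "(truncated)" if cut else "")
```

To run it against a real capture, pass the bytes of the file written by `-w` to `read_smtp_payloads`.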





