When you execute this filter you will end up only with 4XX and/or 5XX error codes so you will see all SMTP errors withing your capture. Not eq 220 and not eq 221 and not eq 250 and not eq 354 and If you don’t know it, or if you want to list all SMTP errors in the SMTP sessions, then you must first exclude all the valid codes (2XX) until you end up only with 4XX or 5XX codes. If you know the error code then use this filter: eq RCPT and contains a specific sender mailbox In this post you will find some filters that may help you to correctly interpret complete conversations or specific network packets.įiltering an SMTP conversation between two serversįiltering an HTTP conversation between two serversįiltering an SMTP Conversation with TLS between two serversįiltering outgoing packets from ona particular IPįiltering incoming packets from one particular IPįiltering the number of recipients in an SMTP conversation Wireshark is an application that allows you to capture network traffic, this is very useful when you need to troubleshoot problems or just to understand how an specific application works.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |