Wireshark-users: [Wireshark-users] Capturing Email Traffic
From: "Mike Dodson" <mikejd208@xxxxxxxxx>
Date: Tue, 28 Aug 2012 16:48:44 -0600
I would like to monitor the email traffic in and out of our network to make sure that no one is using the incorrect ports. I need this information as I would like to set up a firewall rule that would only allow traffic to and from one specific server. I think I have found the answer to this question, but so far no information has been captured.
When I start the capture, in the display filter I am using "pop or smtp" as the expression, which should tell me when there is that type of traffic. Is this the correct way of doing this, or is there a better way?
Thanks for the help.
Mike