I've been asked to place a sniffer on a network that handles HIPPA data, and watch for e-mail containing certain strings. I figured that mailsnarf would be the best way to do this.
Right. In testing, if I run: mailsnarf -i eth2 . "tcp" I get all email. If I run mailsnarf -i eth2 ".*STD.*" "tcp", I get nuttin, even though I send email containing that string. Any pointers from anyone? Tim -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 726 << >> http://www.buoy.com >< Moriches, NY 11955 << >> [EMAIL PROTECTED]/[EMAIL PROTECTED] >< (631)399-2910 (888) 924-3728 >> << >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
