Once you've performed a full capture on port 25, Wireshark does a nice job of providing an option to extract the relevant conversation by right-clicking on just one packet in that conversation and choosing something called "Follow the TCP stream", I believe.

Frank

-----Original Message-----
From: Steve Bertrand [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 17, 2008 7:44 AM
To: [EMAIL PROTECTED]
Cc: nanog@nanog.org
Subject: Re: SMTP no-such-user issues

Frank Bulk - iNAME wrote:
> Please share a packet capture of a working and not working SMTP exchange.

In order to provide the highest amount of clarity, could you recommend a specific set of tcpdump command line args that I should use?

Steve