Steve Bertrand wrote:
Frank Bulk - iNAME wrote:
Once you've performed a full capture on port 25, Wireshark does a nice
job
of providing an option to extract the relevant conversation by
right-clicking on just one packet in that conversation and choosing
something called "Follow the TCP stream", I believe.
Ok. I've never captured in tcpdump and then imported into Wireshark
before, but I'll do some tests, scp the file to my Windows workstation,
then follow the stream.
Once I ensure I get a clean stream, I'll post the results.
As I research the documentation on the how-to specifics on capturing
with tcpdump in a format that is Wireshark compatible, is there anyone
here that could perform a simple test against their own domain email
system, that can confirm or deny what I have been witnessing?
If it can be confirmed that either A) my end is broken, or B) a remote
end is broken, I will be content, and can continue with other work.
My mind will rest at ease if someone, with known bounce-no-mbox enabled,
can:
- provide me off list (or test for themselves from a remote location) a
list of valid, and invalid recipients within their own domain's email
infrastructure. It doesn't even matter if you specify which are valid
and which ones are not
- create a temporary account on Hotmail (or from a sympatico.ca email
address, using whatever outbound servers they specify) send a message to
the same recipients as requested above.
- in the case that you don't want to provide the addresses, and want to
test internally, inform me of the overall result
- in the case that I receive the addresses to test from my location,
provide me with the results of the Hotmail test so I can compare results
If this is happening to other ops along with myself, I can justify it to
my users, and I can justify it in my own mind. If this is a locale
specific issue to my own network, then I need to know that, as I
obviously have work to do.
Thanks to everyone again.
Steve
