Ethereal-users: RE: [Ethereal-users] SMTP traffic

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: wsladen@xxxxxxxxxxxxxxxxx
Date: Wed, 7 May 2003 08:41:58 -0400
Hello Banibrata,
 
Thank you for the suggestion.  I printed the detailed packets to file and did a quick check on the words 'Message: To:' and came up with the same number of people.
 
Please excuse my ignorance.  I am very green to the world of reading packet dumps.  Is there something else that I should be looking for that might show multiple e-mails within one packet stream?
 
Also, I would like to elaborate on the total e-mails that I did capture.  The emails that were captured by ethereal were captured in chunks then there would be a chunk that I don't have in the logs and then I would start capturing another chunk of emails and then another chunk would go without being captured, etc.
 
I can verify the order in which the e-mails went out from another log and comparing it to the ethereal packets the emails that I did capture do follow that order even after it stops capturing and starts recapturing emails.
 
Another piece of the puzzle is that the utility that was being used hung a couple of times forcing me to restart it.  I find it hard to believe that this would have anything to do with it since Ethereal's job is to capture data regardless of such issues but I thought it would throw it out there anyway.
 
Thanks again.  If you have anymore insight, it would be appreciated.

Wayne M. Sladen
e-Services Specialist
Synergent
2 Ledgeview Drive
Westbrook Maine 04092
Work - 207-773-5671 Ext 223
Mobile - 207-653-8092
wsladen@xxxxxxxxxxxxxxxxx

-----Original Message-----
From: Banibrata Dutta [mailto:banibrata.dutta@xxxxxxxxxxxxxx]
Sent: Tuesday, May 06, 2003 5:32 PM
To: wsladen@xxxxxxxxxxxxxxxxx
Cc: ethereal-users
Subject: RE: [Ethereal-users] SMTP traffic

I can only guess. Since SMTP is a TCP based protocol, so it is possible that
many of the individual emails got bunched together in a single TCP segment
and got transported. Since they make up one single TCP and IP packet each
you might be getting statistics like the ones you see if you simply monitor the
port. You need to go and check the contents of those packets, to see if it
expands to multiple SMTP messages or not?
 
bdutta.
-----Original Message-----
From: ethereal-users-admin@xxxxxxxxxxxx [mailto:ethereal-users-admin@xxxxxxxxxxxx]On Behalf Of wsladen@xxxxxxxxxxxxxxxxx
Sent: Tuesday, May 06, 2003 12:25 PM
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users] SMTP traffic

I was monitoring traffic between a server that generates e-mails to be sent out of my building via an Exchange Server.  When I ran the capture setting to monitor the two host IP Addresses it only captured 275 out of the 1442 e-mails that actually got sent out.  I started the monitoring traffic well before the e-mails were generated and left the capture on for an entire day even though the entire event occurred over a couple of hours.
 
Has anything like this been reported before.
 
Thanks,

Wayne M. Sladen
e-Services Specialist
Synergent
2 Ledgeview Drive
Westbrook Maine 04092
Work - 207-773-5671 Ext 223
Mobile - 207-653-8092
wsladen@xxxxxxxxxxxxxxxxx

 

IMPORTANT MESSAGE TO RECIPIENT: This email, along with any attached files, is intended only for the use of the individual or individuals to which it is addressed. This email may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient, you are hereby notified that any dissemination, copying or distribution of this email or files associated with this email, is strictly prohibited. If you have received this email in error please notify the sender immediately by replying to the message and deleting it from your computer. Messages sent to and from employees in our organization may be monitored.

IMPORTANT MESSAGE TO RECIPIENT: This email, along with any attached files, is intended only for the use of the individual or individuals to which it is addressed. This email may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient, you are hereby notified that any dissemination, copying or distribution of this email or files associated with this email, is strictly prohibited. If you have received this email in error please notify the sender immediately by replying to the message and deleting it from your computer. Messages sent to and from employees in our organization may be monitored.