Ethereal-users: Re: [Ethereal-users] SMTP Message Body

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jerry Talkington <jtalkington@xxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 5 Feb 2004 09:49:17 -0800
On Thu, Feb 05, 2004 at 11:35:45AM -0600, Grant Sturgis wrote:
> Greetings All,
> 
> I am attempting to verify SMTP encryption by using tcpdump on an SMTP 
> server.  I am currently working on the "before" part of the before and 
> after comparison.  I have run tcpdump and collected packets while email is 
> being sent.  When I examine it with ethereal, the SMTP conversation is 
> recorded and looks OK, the only problem is the message body is blank.  
> I.E., I can't see the message body in clear text nor cipher text.

It may be that you haven't supplied a snaplen for tcpdump, so it's going
to truncate the packets at 68 (or 96) bytes.  You'll be able to see
enough of the the transaction for ethereal to display it, along with
status codes and such, but it won't be complete. Try capturing with the
"-s 0" option.
 
> Is this a filter built into ethereal or tcpdump as a privacy issue?

Nope.  It's supposed to snoop at all the private data ;)
 
-- 
GPG public key:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x9D5B8762