how to capture only SMTP using latest Wireshark 2.2.6 or later

email tcp wireshark smtp sniffing
7,279

You can also use the port filtering for this. Since, SMTP has port number of 25. So you can use this to set the filter. This can be something like this:
tcp.port eq 25

And this should also have worked for you. use this in your capture filter:

tcp port smtp

Also if you want to just see what you have sent then you can use the filter with your IP address like:

ip.src==192.168.1.12

Here in this case, 192.168.1.12 is my IP address, i.e., source IP address. You can certainly combine them too and this will look like:

(ip.src==192.168.1.12) and (tcp.port eq 25)

Share:
7,279

Related videos on Youtube

Doug Null
Author by

Doug Null

Updated on September 18, 2022

Comments

  • Doug Null
    Doug Null over 1 year

    I am debugging a problem with my Azure VM Windows server receiving SMTP from the Internet, and want to use Wireshark to show ONLY SMTP. I would also like to use Wireshark to show the contents of the SMTP message to see if it is what I sent.

    I cannot figure out, nor find help, on just simply making Wireshark show only SMTP. Wireshark doc says to set filter to SMTP, but that does not work for me.

    • Steve Reeder
      Steve Reeder almost 7 years
      Are you running the packet capture on the same machine (AzureVM) that you are receiving SMTP on? If not, you will only see broadcasts and multicasts if you are capturing packets unless you have some way to turn on port mirroring or SPAN
    • konqui
      konqui almost 7 years
      there are to way one would be to just capture the whole traffic and then filter it to smtp protocol but since all the traffic is captured this may generate huge files so if you only interested in smtp it would be more usefull to work with a capture filter wiki.wireshark.org/CaptureFilters if you wanna know what exactly is the difference take a look here ask.wireshark.org/questions/6660/… - since you're working with VM make shure you capture on the Virtual VM-Interface not on the Real Networkcard
    • Doug Null
      Doug Null almost 7 years
      Yes, running Wireshark on the Azure VM Windows server that is receiving SMTP email.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Wireshark - How do i filter the TCP[RST] packet?
Laravel error when sending custom email address using smtp server
smtp send mail via postfix and nodejs nodemailer connection closed
Swiftmailer config : send mail using gmail
SMTP mail error in CodeIgniter : server might not be configured to send mail
spoof from address through gmail
smtp.gmail.com vs ssl://smtp.gmail.com while sending email using gmail smtp server
Android App Development - Send email directly with no Intents
Sending Email to Gmail's SMTP server using TLS and Plain Authentication
Why there are no sent mails after the Jenkins ext. mail step?