[SATLUG] Monitoring IMAP traffic

Aaron Hackney aaron at aaronhackney.com
Wed Sep 8 16:43:21 CDT 2010

On Wed, Sep 8, 2010 at 4:04 PM, David Salisbury
<david.salisbury at momentumweb.com> wrote:
>  No, in this case it's not a log file, just the raw data being looked at
> with tcpdump.  And I'm not looking for message content, just the IMAP
> commands that are coming across along with their source IP.  I mean, I could
> DUMP it into a file, and do some advanced grepping and such, but that's
> where it gets a little hairy.  Just wondering if something like that existed
> already so I wouldn't have to end up reinventing the wheel!
> David

I'm not sure tcpdump has the layer 7 filtering you are wanting to do,
but I'm sure I'll be corrected if I'm wrong. What about command line
Wireshark with a capture filter? I believe you can peer into the
payload and filter what you capture.

> On 9/8/2010 3:59 PM, Howard Haradon wrote:
>> If this is a log file, can you use grep and a
>> search string to break out the lines you need.
>> Howard
>> --
>> Howard Haradon
>> San Antonio, TX  U
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> Powered by Rackspace (www.rackspace.com)

"Don't ask yourself what the world needs. Ask yourself what makes you
come alive and then go do that. Because what the world needs is people
who have come alive." -Dr. Howard Thurman

Aaron Keith Hackney
aaron at aaronkeithstudios.com
Cell 210.325.2196

More information about the SATLUG mailing list