You need to have a mail server downloaded like Thunderbird. In the configuration make sure that the outgoing server is an SMTP server and that it does not use SSL/TLS for security configurations (STARTTLS is fine). Then start capturing with Wireshark and send an email from that mailing server to somewhere. Then in the filter tab in Wireshark you can filter just "smtp" for all packets that use that protocol or "tcp.port == 587" to display all packets that use that port (which is an smtp port). But note while this captures SMTP packets, all email information will be encrypted as this is the standard. If you want unencrypted packets you need to lookup how to send mail with command line (this is the only way I know at least).
Another great video. Looking forward to the next 802.11 video!!
This is well explained. Thank you s much. Appreciated!
Hi , how do we check the date and time of the sent mail ?
Try clicking the frame option
Thanks a lot for series , very much helpful :)
is it possible to see the email sender ip ?
Thanks for this video.
How to capture smtp? Can you tell me?
You need to have a mail server downloaded like Thunderbird. In the configuration make sure that the outgoing server is an SMTP server and that it does not use SSL/TLS for security configurations (STARTTLS is fine). Then start capturing with Wireshark and send an email from that mailing server to somewhere. Then in the filter tab in Wireshark you can filter just "smtp" for all packets that use that protocol or "tcp.port == 587" to display all packets that use that port (which is an smtp port). But note while this captures SMTP packets, all email information will be encrypted as this is the standard. If you want unencrypted packets you need to lookup how to send mail with command line (this is the only way I know at least).
thank you
Wow I like it.