Re: need to track email

[Abhik Sarkar <sarkar.abhik () gmail com>]

You might want to capture traffic at a point where traffic from all the
systems reaches the internet instead of capturing at each system (
http://wiki.wireshark.org/CaptureSetup).

Then use Wireshark or one of the many available tools (
http://wiki.wireshark.org/Tools) to investigate.

I think ntop (http://www.ntop.org/overview.html) might be of use (though I
have never used it myself).

Finally, this link (
http://www.cacetech.com/media/network_mysteries/slow_network/) from the
Wireshark documentation page might also give you some ideas.

Good luck!

On Thu, Jan 21, 2010 at 1:37 AM, Info <info () datback com> wrote:

>  I have a machine in my organization that is sending spam. Short of going
> to 300 plus machines can wire shark be configured to track smtp and pop? If
> so some instructions on configuring wire shark to do this would be VERY
> appreciated.
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe