This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

We received a notice from our ISP that they are going to shut off our mail because we are an open relay for spam. They want to "blacklist" us. How can I find the machine with WIRESHARK?

Thank you

asked 09 Sep '14, 11:46

lenbob


Yes, you can use Wireshark to capture the traffic to and from your ISP to see what devices on your network accept SMTP traffic (TCP port 25). It may be simpler to scan your IP range with nmap for that port though.

To check if a mail server is an open relay you can test it with one of the free online services that perform that kind of check, e.g. http://www.mailradar.com/openrelay/

answered 09 Sep '14, 12:52

Jasper ♦♦
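For the capture approach in the answer above, this added example (not part of the original answer, and not Wireshark code) reads a classic Ethernet pcap saved from Wireshark and counts, per source IP, the SYN-ACK replies sent from TCP port 25, i.e. the hosts that accepted an SMTP connection. The function name `smtp_listeners` and the sample capture are assumptions; the addresses are constructed from documentation ranges.

```python
import struct
from collections import Counter

def smtp_listeners(pcap):
    """Count SYN-ACKs sent from TCP port 25, per source IP, in a classic pcap."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic (microsecond) pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    hosts, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        # Untagged IPv4 carrying TCP only; anything else is skipped.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(tcp) < 14:
            continue
        sport, flags = struct.unpack("!H", tcp[:2])[0], tcp[13]
        if sport == 25 and (flags & 0x12) == 0x12:  # SYN+ACK: host accepted SMTP
            hosts[".".join(map(str, frame[26:30]))] += 1
    return hosts

def _frame(src, dst, sport, dport, flags):
    # Minimal Ethernet/IPv4/TCP frame, used only to build the constructed sample.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0, bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def _pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

# Constructed sample: .10 answers on port 25 twice, .30 answers on port 80,
# .20 only opens an outbound connection to port 25 (a client, not a listener).
SAMPLE = _pcap([
    _frame((198, 51, 100, 7), (192, 0, 2, 10), 40000, 25, 0x02),
    _frame((192, 0, 2, 10), (198, 51, 100, 7), 25, 40000, 0x12),
    _frame((192, 0, 2, 10), (198, 51, 100, 9), 25, 40001, 0x12),
    _frame((192, 0, 2, 30), (198, 51, 100, 7), 80, 40002, 0x12),
    _frame((192, 0, 2, 20), (203, 0, 113, 5), 40003, 25, 0x02),
])

if __name__ == "__main__":
    print(dict(smtp_listeners(SAMPLE)))
```

A host listed here accepts SMTP connections; whether it actually relays for outsiders still has to be confirmed with an open-relay test such as the one the answer links to.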

question asked: 09 Sep '14, 11:46

question was seen: 2,260 times

last updated: 09 Sep '14, 12:52
