Hello all, I am not familiar with wireshark, can any one please tell me how can I capture the SMTP payload in ASCII format, thanks in advance.
asked 12 Dec '15, 09:22
edited 12 Dec '15, 10:19
Just capture the traffic as normal, then use a display filter of "smtp".
As long as the SMTP traffic isn't encrypted you can see the payload by right-clicking any packet in the SMTP conversation and then selecting Follow -> TCP Stream.
The resulting dialog will show the entire conversation which you can copy to the clipboard. The email be in multiple parts so you might have to do a little editing.
answered 12 Dec '15, 10:18
edited 12 Dec '15, 10:20