This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How do I dissect SMTP over SSL on Port 465

0

Hello! I'm trying to do same thing under smtp (destination port is 465) under Windows. How can i do that?

asked 29 Mar '17, 02:11

icegood's gravatar image

icegood
6112
accept rate: 0%

converted to question 29 Mar '17, 04:08

grahamb's gravatar image

grahamb ♦
19.8k330206

Converted to a question from an "answer" on this question.

(29 Mar '17, 04:09) grahamb ♦

One Answer:

0

The current Wireshark version (2.2.5) should decode SMTPS (SMTP over SSL) on port 456/TCP as SSL per default.

When your able to decode the encrypted data (e.g. with the RSA key in use or with the premaster secret) the application data should also be decoded as SMTP by default.

If your capture has not been decoded as SSL please use the „Analyze“ -> „Decode As“ feature.

answered 29 Mar '17, 11:40

Uli's gravatar image

Uli
9031515
accept rate: 29%

edited 29 Mar '17, 11:43