All,
I simplified this email from the last post, but basically, I want to
extract all message bodies from network traffic using tshark at the command
prompt. We are doing this for all email originating within our network but not
using our mail servers. I see all the available fields in the protocol
reference guide, but I don't see one for the message body itself. When I look
at the PDML, I see the field =="", so I don't see how to do this using
the -Tfields option. Anyone help with this? I also want to sniff the DNS
traffic for hosts that are resolved which has the same issue.
Thanks,
Mark
_______________________________________________
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users