How does email security appliance forwards mail to mail server
djhurt1
Enthusiast ✭✭
I'm trying to track down an issue discussed in another thread. I'm trying to do a packet capture with wireshark showing the comm.. between our email server and the ESA. Mail server, ESA and capturing PC is on the same VLAN. I see nothing between the email server and ESA. Our firewall forwards all email traffic to ESA. Mail server sends all outgoing email traffic to ESA. TLS is turned on. Why am I not seeing anything with the packet sniffer?
Category: Email Security Appliances
0
Answers
I should add that this is using TLS, and I should be able to see a TLS handshake between the ESA and mail server rather than the actual SMTP traffic. I do not see this though.
How is your capture device connected and how are you forwarding traffic to it? Modern networks are switched so you don't see traffic going to other devices without configuring this on the switch.
The listening device is connected via switch on the same VLAN as the traffic I intend to capture.
Have you configured port mirroring on the switch for traffic from those device ports to be sent to the capture device?