Re: [exim] how to debug a TLS connection

Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] how to debug a TLS connection
On 12.07.2012 14:01, Dr Andrew C Aitchison wrote:
> On Thu, 12 Jul 2012, Cyborg wrote:
>
>> Is there an option to activate an SMTP log to see what a client sends
>> to the server if TLS is active?
>>
>> Normally I just use tcpdump to capture the protocol, but with TLS
>> that's not an option.
>>
>> Any ideas?
>
> Is the client under your control?
> If so you could try pointing it at a dummy server built with
>     openssl s_server
> - that assumes that the problem isn't too deep inside the SMTP
> session.

No, let's assume it's an external MTA you do not know anything about and
the admin there does not support you in any way.

I stumbled upon it when I saw this:

2012-07-12 11:07:53 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:02 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:10 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:18 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:27 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:35 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:43 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:52 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:09:00 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:09:08 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:09:17 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:09:25 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")

It's a spammer, I know, but it would be cool to have a debug option to
see what he does, or what a regular sender wanted to do.


best regards,
Marius Schwarz
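
Added example, not part of the original message: a Python parser for the Exim main-log lines shown above that rejoins mail-wrapped entries, groups the "dropped: too many syntax or protocol errors" events by client IP, and reports the drop count and mean interval. The function names and the `min_drops` threshold are assumptions; the sample input is the first three entries copied from the message.

```python
import re
from collections import defaultdict
from datetime import datetime

# Sample input: the first three log entries from the message, wrapped across lines.
SAMPLE = """\
2012-07-12 11:07:53 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:02 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
2012-07-12 11:08:10 SMTP call from
ths-186-209-0-14.v4.thsprovider.com.br [186.209.0.14] dropped: too many
syntax or protocol errors (last command was "AUTH LOGIN")
"""

TS = r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}"
DROP = re.compile(
    rf'^(?P<ts>{TS}) SMTP call from (?:(?P<host>\S+) )?\[(?P<ip>[^\]]+)\] '
    r'dropped: too many syntax or protocol errors \(last command was "(?P<cmd>[^"]*)"\)')

def unwrap(text):
    """Rejoin wrapped entries: a line without a leading timestamp continues the previous one."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if re.match(TS, line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries

def summarize(text, min_drops=3):
    """Map client IP -> drop count, last commands seen and mean seconds between drops."""
    seen = defaultdict(list)
    for entry in unwrap(text):
        m = DROP.match(entry)
        if m:
            seen[m["ip"]].append((datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"), m["cmd"]))
    report = {}
    for ip, hits in seen.items():
        if len(hits) >= min_drops:  # min_drops is an assumed threshold, tune per site
            times = sorted(t for t, _ in hits)
            gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
            report[ip] = {"drops": len(hits), "last_commands": sorted({c for _, c in hits}),
                          "mean_gap_s": sum(gaps) / len(gaps) if gaps else None}
    return report

if __name__ == "__main__":
    print(summarize(SAMPLE))
```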