Zur Analysezwecken kann es manchmal hilfreich sein, die Kommunikation eines Dienstes in Echtzeit mitzuschneiden bzw. sich diese anzuschauen.

    ngrep -W byline -iq '' tcp port 25
    
    T 83.169.42.112:25 -> 122.170.120.94:33492 [AP]
    220 blog.cscholz.io ESMTP Service.
    
    
    T 122.170.120.94:33492 -> 83.169.42.112:25 [AP]
    EHLO dsl-mum-static-ilp-094.120.170.122.airtelbroadband.in.
    
    
    T 83.169.42.112:25 -> 122.170.120.94:33492 [AP]
    250-mx02.blog.cscholz.io.
    250-PIPELINING.
    250-SIZE.
    250-ETRN.
    250-STARTTLS.
    250-AUTH DIGEST-MD5 PLAIN CRAM-MD5 LOGIN.
    250-AUTH=DIGEST-MD5 PLAIN CRAM-MD5 LOGIN.
    250-ENHANCEDSTATUSCODES.
    250-8BITMIME.
    250 DSN.
    
    
    T 122.170.120.94:33492 -> 83.169.42.112:25 [AP]
    MAIL FROM: <taoismssyw28@everythingnewark.com>.
    RCPT TO: <infoq@blog.cscholz.io>.
    RCPT TO: <infod@blog.cscholz.io>.
    RCPT TO: <infoq@blog.cscholz.io>.
    DATA.
    
    
    T 83.169.42.112:25 -> 122.170.120.94:33492 [AP]
    250 2.1.0 Ok.
    554 5.7.1 Service unavailable; Client host [122.170.120.94] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=122.170.120.94.
    554 5.7.1 Service unavailable; Client host [122.170.120.94] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=122.170.120.94.
    554 5.7.1 Service unavailable; Client host [122.170.120.94] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=122.170.120.94.
    554 5.5.1 Error: no valid recipients.
    
    

    Leave A Reply