问题描述

由于Google已经确定我的糟糕服务器是垃圾邮件主机，我想我会启动Message Analyzer的新beta 3并查看它是否可以捕获传出的SMTP请求。我想忽略Exchange生成的"你被列入黑名单"的消息，只看一下有效的SMTP
流量（我的一个交换用户或网站已生成它）或无效（一些黑客入侵的网站代码或随你）。从那里我可以看到流量来自哪里。

Since Google has decided my poor server is a SPAM host I figured I'd fire up the new beta 3 of Message Analyzer and see if it could capture outgoing SMTP requests. I'd like to ignore the 'you're blacklisted' message Exchange generates and just look at SMTP traffic that's either valid (one of my exchange users or a website has generated it) or invalid (some hacked website code or whatever). From that I might be able to see where the traffic originates.

嗯，我很茫然...我无法弄清楚如何捕获甚至所有SMTP更少的子集。有人可以抓住这个吗？

Well, I'm at a loss... I can't figure out how to capture even all SMTP much less a subset. Can someone hold my hand on this?

比尔

推荐答案

如果没有显示任何流量，那么您的数据可能已加密。 出于某种原因，我期待这一点。 在这种情况下，您可以尝试HTTP代理或防火墙方案模板。  HTTP代理通过充当Web代理来工作。 可能
拦截SMTP，因为我认为这通常是加密的。

If this doesn't show up any traffic, then perhaps your data is encrypted.  For some reason I expect this.  In that case you could try the HTTP Proxy or Firewall scenario templates.  HTTP Proxy works by acting as a web proxy.  It might intercept SMTP because I would think this is normally encrypted.

另一个可能的问题是Win8应用程序。 他们需要一些特殊的配置才能捕获。 如果需要，我可以详细说明。

Another possible issue here is Win8 apps.  They need some special configuration to capture.  I can details this if you need.

最后，随着webproxy的运行，IE可以检测到并阻止它。 可以使用解决此问题所需的证书来配置webproxy。 但是，我们需要找到合适的证书。

And finally, with the webproxy running, IE can detect this and block it.  IT's possible to configure the webproxy with the cert needed to get around this problem.  However, we'll need to find the appropriate cert.

Paul

这篇关于我可能很密集，但我无法弄清楚如何捕获潜在的虚假SMTP流量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！