There are some problems that you just can’t solve without getting a network capture with tools like Microsoft Network Monitor (superseded by Microsoft Message Analyzer) or Wireshark. If I had a tag line, it would be, “When in doubt, run Wireshark.” When a problem makes no sense, or you have run out of ideas, you know it’s time for a network trace.
A network trace contains great information, but there is always far more of it than we need. In this article I’m going to look at the most common Wireshark filters I use when troubleshooting mail flow with a network trace. In a previous life I used Wireshark to troubleshoot problems with video streaming, SOAP over HTTP, and server communications, which is why it is my go-to tool for network captures.