Unable to see SMTP traffic after getting new laptop
I was always able to scan for SMTP traffic when troubleshooting a MFP scanning to email issue on my laptop when using a HUB or Port mirrored switch. I then got a new laptop and now I am unable to see SMTP traffic when trying to scan to email from an MFP. I can still see everything else, ICMP, SMB, TCP and all else. When I try to scan to an email I cant see any DNS, SMTP, TLS or anything. It's as if nothing happened at all but the scan successfully sends to an email so I know it passed through the network. Anyone have any idea why?
Comments
What operating system did the old laptop run, and what operating system does the new laptop run?
What network interfaces (Wi-Fi, Ethernet, mobile phone modem, etc.) did the old laptop have, and what network interfaces does the new laptop have?
Sorry I'm doing three things at once and I keep messing up my reply. Both were Windows 10 but the old laptop was upgraded from Windows 7. Both laptops as far as I can remember (the old laptop is gone now) have the same interfaces. Ethernet and a wireless card.
So are you capturing on Ethernet or on Wi-Fi? From "when using a HUB or Port mirrored switch" it sounds as if it'd be Ethernet.
Do you mean you see the ICMP and SMB traffic that comes from / goes through the IP address of your MFP device in your capture, but not the SMTP traffic? In this case I would guess that your capture setup is fine, and a kind of new installed antivirus-firewall-proxy-ips-vpn-solution is blocking the SMTP traffic before it reaches the capture driver. Or you've just disabled the SMTP protocol. Open the enabled/disabled protocol dialog (CTRL+SHIFT+E) and search for SMTP.
If you mean that you can capture ICMP and SMB in generally, I would suggest to check your capture setup. Start a capture and send an ICMP request to your MFP device from another PC. Do you see the ICMP request and response in the capture?
It was the anti virus! I disabled it and magically all SMTP traffic showed up. Thank you very much JasMan!