How to open an email in a network analysis tool like etheriel?
I'm experiencing some intermittent delivery issues with emails from a specific source to certain account addresses. Testing with account/user addresses (eg, [email protected]) as the to or from addresses have given contradictory result. I need more data, and analysis of the email header may provide it. But to do that, I need to open an email in a network analysis tool like etheriel.
How can I open an email in a TB in-box or local folder in such a tool???
All Replies (8)
you don't, ethereal is a packet sniffer, it sniffs the packets as they pass through the network adapter. Expect huge log files of mostly useless information.
It will not tell you what happens beyond the actual packets between your device and the outgoing server. It will certainly not offer anything useful in determining delivery issues to a third party.
Thanks Matt, What I am trying to do is look at the various stages/links a mail has passed thru. Yes, Etheriel is a sniffer, but it displays all the various address components of those stages as the mail is processed. Mail programs just show the from and to parts, however a saved mail should have the other bits still in it, and those are what I want to see.
Just opening the saved mail with etheriel should show the header sections showing the transmission legs it has passed over.
Unlike some other packet tools, Etheriel has a 'file open' component, so maybe the question should have been "how do I identify from the TB local folder the file name of a mail for examination???" Selecting a mail and rt-click, the context menu doesn't have an item of 'open with'.
Alternatively, can you suggest another network tool that will do what I want???
Ctrl + u will display the full message source including the header. But you only get the network steps to the point the EML is saved. There is no"tracking" that is sent back to he sender, so if you receive a mail you get full routing, if you send a mail you get basically nothing.
Hi Matt, I understand that sniffing outgoing is basically nothing, but incoming is what I am interested in - the details in the saved header. That cntrl-u tip was what I was after, Thanks
And as it turns out I need some more . . . I've been trying to get my ISP to sort out a bouncing mail problem, and that header detail is really useful - if I could get it to the ISP in a file format that's readable. Doing Cntl-U certainly gives a panel of data, certainly readable on the screen, and there's a "save page as" item under File in the panel title bar, but the format it saves as is 'file'. Trying to open the file gives an unknown file type in windows.
Is there any way to save it in a readable form , like .txt (it certainly looks notepad-ish) or html???? (much preferred) Alternatively, what program can read the file as it is???
Hi
When you have the message open with headers visible - can you [ctrl]a to select all, [ctrl]c to copy, and then in the body of a message, or Notepad, [ctrl]v to paste? If not, what happens?
Also if you have the full headers 'on', and you Forward the message - the full headers appear in the body to forward to your provider?
Hi Agnes, That process works, thank you. What's been happening is: - I subscribe to the Corel forum for Video Studio software - a bulletin board. When replies are made to a post I made, a notification email is sent ot my email address. After 10 years of using it with the same ISP, last march several notify emails bounced, (returned to sender as undeliverable, citing an error code and the mail exchange server name doing the refusal). - I reported a fault, and then the notify emails stopped coming. With the forum admins I established that they were being sent and that all other normal mails to the same address were also being received normally. I escalated the fault to a complaint, and and sent lots of associated detail and forwarded the bouncing emails (sent from the forum admins to me, and then to ISP) to the fault team. - the fault team said that what was in the bounced headers I sent was insufficient and wanted more info on the bouncing mails, and thus the effort to extract all the header details.
Altho frankly after weeks of this I'm losing confidence that a cause will be found and this will actually be positively resolved. Nevertheless: if you don't ask, you don't get.
Glad to get you one step closer! Agnes