Hello.I wrote an application that captures packets, all is well with TCP, UDP. But SMTP packets are not captured. Is it possible(with SharpPcap)? I would like some example. Thanks
+1
A:
I don't have code examples for you, but here are some pointers to get you started, since there are no other answers.
SMTP is fairly human-readable and runs over TCP, typically on port 25. You need to set your capture filter for port 25 to keep things efficient. The protocol itself is defined in RFC821, but you should be prepared for just about anything, as there are a ton of really bad SMTP programs out there that don't bring things into compliance with the RFC.
The easiest way to learn this is to fire up some packet capture software, such as Wireshark, and look at the protocol yourself. Once you've looked at it, you will see it is really quite straightforward. Then you can write your software as required.
Finally, the Wikipedia article on the protocol isn't bad.
Brad
2010-09-25 19:39:53