SMTP no-such-user issues

Steve Bertrand steve at
Tue Jun 17 13:20:12 UTC 2008

Steve Bertrand wrote:
> Frank Bulk - iNAME wrote:
>> Once you've performed a full capture on port 25, Wireshark does a nice 
>> job
>> of providing an option to extract the relevant conversation by
>> right-clicking on just one packet in that conversation and choosing
>> something called "Follow the TCP stream", I believe. 
> Ok. I've never captured in tcpdump and then imported into Wireshark 
> before, but I'll do some tests, scp the file to my Windows workstation, 
> then follow the stream.
> Once I ensure I get a clean stream, I'll post the results.

As I research the documentation on the how-to specifics on capturing 
with tcpdump in a format that is Wireshark compatible, is there anyone 
here that could perform a simple test against their own domain email 
system, that can confirm or deny what I have been witnessing?

If it can be confirmed that either A) my end is broken, or B) a remote 
end is broken, I will be content, and can continue with other work.

My mind will rest at ease if someone, with known bounce-no-mbox enabled, 

- provide me off list (or test for themselves from a remote location) a 
list of valid, and invalid recipients within their own domain's email 
infrastructure. It doesn't even matter if you specify which are valid 
and which ones are not

- create a temporary account on Hotmail (or from a email 
address, using whatever outbound servers they specify) send a message to 
the same recipients as requested above.

- in the case that you don't want to provide the addresses, and want to 
test internally, inform me of the overall result

- in the case that I receive the addresses to test from my location, 
provide me with the results of the Hotmail test so I can compare results

If this is happening to other ops along with myself, I can justify it to 
my users, and I can justify it in my own mind. If this is a locale 
specific issue to my own network, then I need to know that, as I 
obviously have work to do.

Thanks to everyone again.


More information about the NANOG mailing list