Verify your email security with tcpdump
I confess, I'm an outlaw at heart. I like using packet sniffers like tcpdump because it satisfies my base snooping impulses. Packet-sniffing is wiretapping after all, only it's applied to TCP/IP packets, not voice transmissions. Sure, they're my packets on my systems, but still the idea is appealing. Even more appealing is knowing I have the ability to monitor incoming and outgoing traffic, and knowing exactly what's going on.
For example, being an untrusting soul as all wise network administrators are, I can use tcpdump to verify that encryption is working. Here is what a plain unencrypted POP mail session looks like. This is an abbreviated example showing only the initial three-way TCP handshake.
[ Read more ]