On 10/13/16 10:23 AM, Konstantin Khomoutov wrote:
On Thu, 13 Oct 2016 09:53:19 -0500 Bryan Holloway bryan@shout.net wrote:
[...]
Is there a way to see the IMAP commands coming from the client? I've tried looking at PCAPs, but of course they're encrypted so I can't see the actual dialog going on between the server and client. I didn't see an obvious way to do this in the docs.
If you have access to the SSL/TLS key (IOW, the private part of the cert) the server uses to secure IMAP connections you can dump the IMAP traffic using the
ssldumputility (which builds ontcpdump).
I do, but the client is using a DH key exchange so I only have the server-side private key.
Tried that using Wireshark's decoder features and ran into this problem. I'm assuming I'd run into the same using ssldump, but I'll give it a shot!
Stupid privacy. :)