Capturing Email Traffic

["Mike Dodson" <mikejd208 () gmail com>]

I would like to monitor the email traffic in and out of our network to make sure that no one is using the incorrect 
ports.  I need this information as I would like to setup a firewall rule that would only allow traffic to and from one 
specific server.  I think I have found the answer to this question but so far no information has been captured yet.  
When I start the capture and in the display filter I am using "pop or smtp" as the expression which should tell me when 
there is that type of traffic.  Is this the correct way of doing this or is there a better way.  
thanks for the help.
Mike

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe