On Tue, Feb 24, 2009 at 2:20 PM, Julien Kerihuel <[email protected]> wrote: > On Tue, 2009-02-24 at 12:13 -0800, Harsha wrote: >> Hi all, >> >> I just started looking into openchange and first want to thank all the >> contributors for giving us openchange and the related projects. >> >> As a first step to contributing to the mapiproxy project, I'm reading >> documents on openchange.org and MS Specifications. I have worked on >> CIFS in the past and would like to take a similar approach of looking >> at the packet captures simultaneously. So my question to the list is >> suggestions for looking into the packet captures. I looked at >> Wireshark support for MAPI here - >> http://www.wireshark.org/docs/dfref/m/mapi.html >> Looks like thre are not many fields supported yet (I'm hoping to >> contribute to Wireshark as I go along). > > Hi Harsha, > > I would suggest to directly browse the MAPI dissector code [1]. The > dissector code is a bit old (never really had time to update it), but > should be a good start for further contributions. > > Also, I'd suggest you to run mapiproxy [2] in the middle of > Outlook/Exchange with the downgrade module enabled so Outlook will be > forced to downgrade to EcDoConnect/EcDoRpc and avoid using > EcDoConnectEx/EcDoRpcExt2 with compression. > > Finally if you set mapiproxy binding string parameter with [print] flag, > you'll have all MAPI traffic decoded properly and dumped on stdout. > > Within the same order idea, you may want to try mapitrace tool[3] > available in trunk and possibly look at openchange tools to understand > MAPI semantics. > > [1] http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/pidl/mapi/ > [2] http://mapiproxy.openchange.org > [3] http://wiki.openchange.org/index.php/MAPITRACE > Hi Julien,
Many thanks for the tips. I shall try all of them. Cheers, Harsha _______________________________________________ devel mailing list [email protected] http://mailman.openchange.org/listinfo/devel
