So I recently installed The Dude after a wireless consultation with a local company. They talked about how awesome it is. I find myself agreeing. However after the last two hours of trying to figure out why I was seeing mysterious SMTP traffic on the network I finally found the setting where The Dude runs as a service by default and monitors the network. I disabled The Dude and the mysterious traffic disappeared. Just an information post about this.
smtp or snmp?
The dude does send mail for alerts, but it would be via another dedicated e-mail server.
The dude uses SNMP to poll data from the devices you are monitering so one would expect a constant trickle of SNMP and ICMP. I moniter a few hundred devices and I get a total traffic spike of jsut under a meg and averaging like 300k.
Essentially what I was seeing was the Dude checking the SMTP service on my mail server. It was just cropping up in my logs and freaked me out a little bit until I realized what I was seeing.