You traffic is never safe when someone has access to your network.
tcpdump lets a network admin examine traffic as it is happening, normally used to diagnose problems.
tcpdump -i eth0 -l -t -A -q -s 0 "port smtp" and host 'xxx.xxx.xxx.xxx'
Lets me examine email traffic on the fly to see what is going on.
tcpdump -i eth0 -l -t -A -q -s 0 "port smtp" and host 'xxx.xxx.xxx.xxx'|grep "From:"
Lets me examine email traffic on the fly to see what is going on and see where emails are coming from, sender name. Useful if I am trying to track spam out breaks.
tcpdump -pnvi eth0 host xxx.xxx.xxx.xxx and port 80
This is my stock standard default command to look at traffic from/to one IP address for just one port.