[Oisf-users] SMTP email body

Andreas Herz andi at geekosphere.org
Tue Apr 11 20:52:51 UTC 2017 

On 11/04/17 at 13:48, Sergey Malinkin wrote:
> So, i found my mistake and now all work fine.
> Thanks.

Are you willing to share it?

> 2017-04-08 23:36 GMT+03:00 Andreas Herz <andi at geekosphere.org>:
> 
> > On 05/04/17 at 13:48, Sergey Malinkin wrote:
> > > Hello,
> > > I have a this trouble too.
> > > Can you resolved it?
> >
> > I would suggest to you both to try to reproduce it with a pcap that you
> > can share with us so we can debug it. Thanks!
> >
> > > My conf:
> > > - eve-log:
> > >       enabled: yes
> > >       filetype: regular
> > >       filename: smtp.json
> > >       types:
> > >         - smtp:
> > >             extended: yes # enable this for extended logging information
> > >             custom: [received, x-originating-ip, relays, reply-to, bcc,
> > > subject, body, user-agent]
> > >             md5: [body, subject]
> > >
> > >
> > > 2017-04-01 22:56 GMT+03:00 Andreas Herz <andi at geekosphere.org>:
> > >
> > > > On 21/03/17 at 13:21, JoaquĆ­n Silva wrote:
> > > > > But i'm not receiving any body. This is an smtp output example:
> > > > >
> > > > > What I'm doing wrong?
> > > > > My suricata version is 3.2.1
> > > >
> > > > How do you run suricata?
> > > >
> > > > Can you share a pcap file so we can test wit that as well?
> > > >
> > > > --
> > > > Andreas Herz
> > > > _______________________________________________
> > > > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > > > Site: http://suricata-ids.org | Support: http://suricata-ids.org/
> > support/
> > > > List: https://lists.openinfosecfoundation.org/
> > mailman/listinfo/oisf-users
> > > >
> >
> > > _______________________________________________
> > > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > > Site: http://suricata-ids.org | Support: http://suricata-ids.org/
> > support/
> > > List: https://lists.openinfosecfoundation.org/
> > mailman/listinfo/oisf-users
> >
> >
> > --
> > Andreas Herz
> > _______________________________________________
> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> > List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> >

> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users


-- 
Andreas Herz

More information about the Oisf-users mailing list