[Oisf-users] SMTP email body

Francis Trudeau ftrudeau at emergingthreats.net
Thu Apr 13 15:50:03 UTC 2017


Obligatory:

https://xkcd.com/979/

On Apr 12, 2017 1:56 AM, "Sergey Malinkin" <malinkinsa at gmail.com> wrote:

> I'm sorry, but i have one mistakes. I write few field except body.
>
> 2017-04-11 23:52 GMT+03:00 Andreas Herz <andi at geekosphere.org>:
>
>> On 11/04/17 at 13:48, Sergey Malinkin wrote:
>> > So, i found my mistake and now all work fine.
>> > Thanks.
>>
>> Are you willing to share it?
>>
>> > 2017-04-08 23:36 GMT+03:00 Andreas Herz <andi at geekosphere.org>:
>> >
>> > > On 05/04/17 at 13:48, Sergey Malinkin wrote:
>> > > > Hello,
>> > > > I have a this trouble too.
>> > > > Can you resolved it?
>> > >
>> > > I would suggest to you both to try to reproduce it with a pcap that
>> you
>> > > can share with us so we can debug it. Thanks!
>> > >
>> > > > My conf:
>> > > > - eve-log:
>> > > >       enabled: yes
>> > > >       filetype: regular
>> > > >       filename: smtp.json
>> > > >       types:
>> > > >         - smtp:
>> > > >             extended: yes # enable this for extended logging
>> information
>> > > >             custom: [received, x-originating-ip, relays, reply-to,
>> bcc,
>> > > > subject, body, user-agent]
>> > > >             md5: [body, subject]
>> > > >
>> > > >
>> > > > 2017-04-01 22:56 GMT+03:00 Andreas Herz <andi at geekosphere.org>:
>> > > >
>> > > > > On 21/03/17 at 13:21, JoaquĆ­n Silva wrote:
>> > > > > > But i'm not receiving any body. This is an smtp output example:
>> > > > > >
>> > > > > > What I'm doing wrong?
>> > > > > > My suricata version is 3.2.1
>> > > > >
>> > > > > How do you run suricata?
>> > > > >
>> > > > > Can you share a pcap file so we can test wit that as well?
>> > > > >
>> > > > > --
>> > > > > Andreas Herz
>> > > > > _______________________________________________
>> > > > > Suricata IDS Users mailing list: oisf-users at openinfosecfoundati
>> on.org
>> > > > > Site: http://suricata-ids.org | Support: http://suricata-ids.org/
>> > > support/
>> > > > > List: https://lists.openinfosecfoundation.org/
>> > > mailman/listinfo/oisf-users
>> > > > >
>> > >
>> > > > _______________________________________________
>> > > > Suricata IDS Users mailing list: oisf-users at openinfosecfoundati
>> on.org
>> > > > Site: http://suricata-ids.org | Support: http://suricata-ids.org/
>> > > support/
>> > > > List: https://lists.openinfosecfoundation.org/
>> > > mailman/listinfo/oisf-users
>> > >
>> > >
>> > > --
>> > > Andreas Herz
>> > > _______________________________________________
>> > > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> > > Site: http://suricata-ids.org | Support:
>> http://suricata-ids.org/support/
>> > > List: https://lists.openinfosecfoundation.org/mailman/listinfo/ois
>> f-users
>> > >
>>
>> > _______________________________________________
>> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> > Site: http://suricata-ids.org | Support: http://suricata-ids.org/suppor
>> t/
>> > List: https://lists.openinfosecfoundation.org/mailman/listinfo/ois
>> f-users
>>
>>
>> --
>> Andreas Herz
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170413/fbd0600c/attachment-0002.html>


More information about the Oisf-users mailing list