introduction of fake-smtp

fake_smtp.py

@@ -0,0 +1,36 @@
+#!/usr/bin/python3
+import os
+import sys
+try:
+    configfile = os.path.basename(sys.argv[0]).split(".py")[0] + "_config"
+except Exception as e:
+    print("Couldn't locate config file {0}".format(configfile))
+    sys.exit(-1)
+try:
+    import smtpd
+    import asyncore
+    import subprocess
+    config = __import__(configfile)
+except ImportError as e:
+    print("(!) Problem loading module:")
+    print(e)
+    sys.exit(-1)
+
+smtp_addr = config.smtp_addr
+smtp_port = config.smtp_port
+binpath   = config.binpath
+
+print("Starting Fake-SMTP-to-MISP server")
+
+class CustomSMTPServer(smtpd.SMTPServer):
+    def process_message(self, peer, mailfrom, rcpttos, data):
+        print('Receiving message from: {0}'.format(peer))
+        print('Message addressed from: {0}'.format(mailfrom))
+        print('Message addressed to  : {0}'.format(rcpttos))
+        print('Message length        : {0}'.format(len(data)))
+        subprocess.call([binpath, data])
+        return
+
+server = CustomSMTPServer((smtp_addr, smtp_port), None)
+
+asyncore.loop()

mail_to_misp_config.py-example

@@ -10,6 +10,16 @@ nameservers = ['149.13.33.69']
 email_subject_prefix = b'M2M - '
 attach_original_mail = True
 
+# Paths (should be automatic)
+bindir = os.path.dirname(os.path.realpath(__file__))
+cfgdir = os.path.dirname(os.path.realpath(__file__))
+scriptname = 'mail_to_misp.py'
+binpath = os.path.join(bindir, scriptname)
+
+# for the SPAM trap
+smtp_addr = "127.0.0.1"
+smtp_port = 25
+
 excludelist = ('google.com', 'microsoft.com')
 externallist = ('virustotal.com', 'malwr.com', 'hybrid-analysis.com', 'emergingthreats.net')
 internallist = ('internal.system.local')