MISP
/
mail_to_misp
mirror of https://github.com/MISP/mail_to_misp
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [doc] Some clarifications and updates

pull/58/head
Steve Clement 2021-09-30 13:50:50 +09:00
parent 5701432d1f
commit 3452f08cf0
No known key found for this signature in database
GPG Key ID: 69A20F509BE4AEE9
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -100,11 +100,12 @@ You should now be able to send your IoC-containing mails to misp_handler@YOURDOM
#### Bonus: Fake-SMTPD spamtrap
If you want to process all incoming junk mails automatically and collect the contained information in a (separate?) MISP instance, you could use the fake_smtp.py script. It listens on port 25, accepts all mails and pushes them through mail_to_misp to a MISP instance.
If you want to process all incoming junk mails automatically and collect the contained information in a separate throw-away MISP instance, you could use the fake_smtp.py script. It listens on port 25, accepts all mails and pushes them through mail_to_misp to a MISP instance.
It can also be configured to listen on an SSL port. (465)
1. Configure mail_to_misp_config.py
2. ln -s mail_to_misp_config.py fake_smtp_config.py
2. cp mail_to_misp_config.py fake_smtp_config.py
3. Make port 25 accessible to normal users
@ -172,10 +173,10 @@ Obviously, you would like to filter mails based on subject or from address and p
### The easy way
```bash
(sudo) pip install (--user) poetry
pip install --user poetry
# Install other python requirements
poetry install
poetry install -E fileobjects -E openioc -E virustotal -E email -E url
# Test if the script is working
./mail_to_misp.py -h