MISP
/
mail_to_misp
mirror of https://github.com/MISP/mail_to_misp
2
0
Fork 0
Code Issues Releases Wiki Activity

new: Add freetext import of the whole body

pull/49/head
Raphaël Vinot 2021-01-25 17:54:49 +01:00
parent ad36ff599d
commit 3818ac92ea
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mail2misp/mail2misp.py
View File

@ -414,6 +414,8 @@ class Mail2MISP():
if self.config.sighting:
for value, source in self.sightings_to_add:
self.sighting(value, source)
if self.config.freetext:
self.misp.freetext(event, string=self.original_mail.get_body(preferencelist=('html', 'plain')), adhereToWarninglists=self.config.enforcewarninglist)
return event
def get_attached_emails(self, pseudofile):

1
mail_to_misp_config.py-example
View File

@ -8,6 +8,7 @@ spamtrap = False
default_distribution = 0
default_threat_level = 3
default_analysis = 1
freetext = False
body_config_prefix = 'm2m' # every line in the body starting with this value will be skipped from the IOCs
m2m_key = 'YOUSETYOURKEYHERE'