From 3818ac92eae55b5a6106da6ca30dc0a12b1ad3be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?=
Date: Mon, 25 Jan 2021 17:54:49 +0100
Subject: [PATCH] new: Add freetext import of the whole body
---
 mail2misp/mail2misp.py | 2 ++
 mail_to_misp_config.py-example | 1 +
 2 files changed, 3 insertions(+)
diff --git a/mail2misp/mail2misp.py b/mail2misp/mail2misp.py
index 9f92c75..a6b941e 100644
--- a/mail2misp/mail2misp.py
+++ b/mail2misp/mail2misp.py
@@ -414,6 +414,8 @@ class Mail2MISP():
 if self.config.sighting:
 for value, source in self.sightings_to_add:
 self.sighting(value, source)
+ if self.config.freetext:
+ self.misp.freetext(event, string=self.original_mail.get_body(preferencelist=('html', 'plain')), adhereToWarninglists=self.config.enforcewarninglist)
 return event
 def get_attached_emails(self, pseudofile):
diff --git a/mail_to_misp_config.py-example b/mail_to_misp_config.py-example
index 468027b..2409bf1 100644
--- a/mail_to_misp_config.py-example
+++ b/mail_to_misp_config.py-example
@@ -8,6 +8,7 @@ spamtrap = False
 default_distribution = 0
 default_threat_level = 3
 default_analysis = 1
+freetext = False
 body_config_prefix = 'm2m' # every line in the body starting with this value will be skipped from the IOCs
 m2m_key = 'YOUSETYOURKEYHERE'
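Review bot: In the added `self.misp.freetext(...)` call in mail2misp/mail2misp.py, `string=` receives whatever `get_body()` returns; assuming `original_mail` is a stdlib `EmailMessage`, that is a MIME part object, or `None` when the mail has no html/plain part, not the body text. Extract the content and guard the empty case: `body = self.original_mail.get_body(preferencelist=('html', 'plain'))`, then `if body is not None:` and `self.misp.freetext(event, string=body.get_content(), adhereToWarninglists=self.config.enforcewarninglist)`. The body is sender-controlled and HTML is preferred, so markup URLs and, it appears, the lines starting with `body_config_prefix` (which the config comment says are skipped from the IOCs) reach the freetext parser unfiltered; preferring `'plain'` or reusing the existing line filtering would keep benign or internal values out of the event. The call's return value is not checked, so a failed import would go unnoticed, and deployments whose config file predates this change would need `freetext` defined (or a `getattr(self.config, 'freetext', False)` read). The enclosing method starts outside the hunk.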