From 70cb5ec0e73dfce04713cdbf58f522bf9b817322 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 30 Sep 2021 09:32:04 +0900 Subject: [PATCH 1/4] fix: [doc] travis link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 929aa0e..9c9ef77 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Build Status](https://travis-ci.com/MISP/mail_to_misp.svg?branch=main)](https://travis-ci.com/MISP/mail_to_misp) +[![Build Status](https://app.travis-ci.com/MISP/mail_to_misp.svg?branch=main)](https://app.travis-ci.com/MISP/mail_to_misp) [![codecov](https://codecov.io/gh/MISP/mail_to_misp/branch/main/graph/badge.svg)](https://codecov.io/gh/MISP/mail_to_misp) # mail_to_misp From 89c3a2c117232dab18870c021d30d952270318e9 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 30 Sep 2021 09:50:32 +0900 Subject: [PATCH 2/4] fix: [travis] chardet dep --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index fb67720..296670d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,7 +13,7 @@ python: - "3.8-dev" install: - - pip install poetry + - pip install poetry chardet - poetry install -E fileobjects -E openioc -E virustotal -E docs -E pdfexport -E email - git submodule init - git submodule update From 3452f08cf0d08f7445dcd8824d305d66e3024251 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 30 Sep 2021 13:50:50 +0900 Subject: [PATCH 3/4] chg: [doc] Some clarifications and updates --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 9c9ef77..6324501 100644 --- a/README.md +++ b/README.md @@ -100,11 +100,12 @@ You should now be able to send your IoC-containing mails to misp_handler@YOURDOM #### Bonus: Fake-SMTPD spamtrap -If you want to process all incoming junk mails automatically and collect the contained information in a (separate?) MISP instance, you could use the fake_smtp.py script. It listens on port 25, accepts all mails and pushes them through mail_to_misp to a MISP instance. +If you want to process all incoming junk mails automatically and collect the contained information in a separate throw-away MISP instance, you could use the fake_smtp.py script. It listens on port 25, accepts all mails and pushes them through mail_to_misp to a MISP instance. +It can also be configured to listen on an SSL port. (465) 1. Configure mail_to_misp_config.py -2. ln -s mail_to_misp_config.py fake_smtp_config.py +2. cp mail_to_misp_config.py fake_smtp_config.py 3. Make port 25 accessible to normal users @@ -172,10 +173,10 @@ Obviously, you would like to filter mails based on subject or from address and p ### The easy way ```bash -(sudo) pip install (--user) poetry +pip install --user poetry # Install other python requirements -poetry install +poetry install -E fileobjects -E openioc -E virustotal -E email -E url # Test if the script is working ./mail_to_misp.py -h From 35683e8bbeaf5062da8bb1efb44ad5e2cf10a21a Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 30 Sep 2021 13:51:11 +0900 Subject: [PATCH 4/4] fix: [re] RE escpae mistake --- tests/config_carrier.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/config_carrier.py b/tests/config_carrier.py index be5c95d..b894eff 100644 --- a/tests/config_carrier.py +++ b/tests/config_carrier.py @@ -44,7 +44,7 @@ sighting_source = "YOUR_MAIL_TO_MISP_IDENTIFIER" # Remove "Re:", "Fwd:" and {Spam?} from subject # add: "[\(\[].*?[\)\]]" to remove everything between [] and (): i.e. [tag] -removelist = (r'Re:', r'Fwd:', r'\{Spam?\}') +removelist = (r'Re:', r'Fwd:', r'\{Spam\?\}') # TLP tag setup # Tuples contain different variations of spelling