MISP
/
mail_to_misp
mirror of https://github.com/MISP/mail_to_misp
2
0
Fork 0
Code Issues Releases Wiki Activity

explanation of m2m_key added

slight_refactoring
Sascha Rommelfangen 2018-04-12 09:40:49 +02:00 committed by GitHub
parent 5e1fbcb7a4
commit e7b88659b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@ -29,7 +29,22 @@ Connect your mail infrastructure to [MISP](https://github.com/MISP/MISP) in orde
- Automatically filter out attributes that are on a server side warning list (enforcewarninglist=True)
- Support for value sighting (sighting=True, sighting_source="YOUR_MAIL_TO_MISP_IDENTIFIER")
- Auto-publish when key:yourkey is specified in mail (configurable, m2m_key, m2m_auto_distribution)
-
```
The m2m_key configuration is used to specify a secret only you and your users know. If you know the key, you can send a mail to your mail_to_misp instance, and when this key is present in the body of the message, it will automatically publish the event.
So let's assume your config says:
m2m_key = 'ABCDEFGHIJKLMN0PQRSTUVWXYZ'
If you send a mail to mail_to_misp containing:
key:ABCDEFGHIJKLMN0PQRSTUVWXYZ
the event is automatically published.
If you don't want to use this feature, just don't put it in the message body.
```
## Implementation