From ed94db8b27e684a24fa94587c458760733cdc518 Mon Sep 17 00:00:00 2001
From: Sascha Rommelfangen <sascha@rommelfangen.de>
Date: Wed, 24 May 2017 16:20:57 +0200
Subject: [PATCH] on request, ip addresses have no longer IDS flag enabled

---
 mail_to_misp.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mail_to_misp.py b/mail_to_misp.py
index 4043929..8f566c8 100755
--- a/mail_to_misp.py
+++ b/mail_to_misp.py
@@ -193,7 +193,7 @@ for entry in urllist:
                     comment = "on port: " + str(port)
                 
                 if is_valid_ipv4_address(hostname.decode('utf-8', 'ignore')):
-                    misp.add_ipdst(new_event, hostname.decode('utf-8', 'ignore'), comment=comment, category='Network activity', to_ids=ids_flag)
+                    misp.add_ipdst(new_event, hostname.decode('utf-8', 'ignore'), comment=comment, category='Network activity', to_ids=False)
                 else:
                     misp.add_hostname(new_event, hostname.decode('utf-8', 'ignore'), comment=comment, category='Network activity', to_ids=ids_flag)
                 try: