diff --git a/scripts/base/protocols/smtp/__load__.bro b/scripts/base/protocols/smtp/__load__.bro
index b4f089eaf4..bac9cc118f 100644
--- a/scripts/base/protocols/smtp/__load__.bro
+++ b/scripts/base/protocols/smtp/__load__.bro
@@ -1,3 +1,4 @@
 @load ./main
 @load ./entities
-@load ./entities-excerpt
\ No newline at end of file
+@load ./entities-excerpt
+@load ./file-analysis
diff --git a/scripts/base/protocols/smtp/file-analysis.bro b/scripts/base/protocols/smtp/file-analysis.bro
new file mode 100644
index 0000000000..6ba6981639
--- /dev/null
+++ b/scripts/base/protocols/smtp/file-analysis.bro
@@ -0,0 +1,18 @@
+@load ./main
+@load ./entities
+@load base/utils/conn-ids
+@load base/frameworks/file-analysis/main
+
+module SMTP;
+
+function get_file_handle(c: connection, is_orig: bool): string
+ {
+ if ( ! c?$smtp ) return "";
+
+ return fmt("%s smtp(%s, %s)", c$start_time, c$smtp$trans_depth,
+ c$smtp_state$mime_level);
+ }
+
+redef FileAnalysis::handle_callbacks += {
+ [ANALYZER_SMTP] = get_file_handle,
+};
diff --git a/src/MIME.cc b/src/MIME.cc
index 4a7c0268b0..29cfc2f66e 100644
--- a/src/MIME.cc
+++ b/src/MIME.cc
@@ -5,6 +5,7 @@
 #include "Event.h"
 #include "Reporter.h"
 #include "digest.h"
+#include "file_analysis/Manager.h"
 
 // Here are a few things to do:
 //
@@ -1019,6 +1020,8 @@ void MIME_Mail::Done()
 }
 
 MIME_Message::Done();
+
+ file_mgr->EndOfFile(analyzer->Conn());
 }
 
 MIME_Mail::~MIME_Mail()
@@ -1122,6 +1125,9 @@ void MIME_Mail::SubmitData(int len, const char* buf)
 analyzer->ConnectionEvent(mime_segment_data, vl);
 }
 
+ file_mgr->DataIn(reinterpret_cast(buf), len,
+ analyzer->Conn(), false); // is_orig param N/A
+
 buffer_start = (buf + len) - (char*)data_buffer->Bytes();
 }
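Review bot: get_file_handle guards `c?$smtp` but then dereferences `c$smtp_state$mime_level` without checking `c?$smtp_state`; unless main.bro guarantees the two fields are always set together (not visible here), a body reaching the file framework before `smtp_state` exists would abort the callback at runtime, so the guard should read `if ( ! c?$smtp || ! c?$smtp_state ) return "";`. The handle is built from `c$start_time`, `trans_depth` and `mime_level` alone, so nothing in it identifies the connection; if the file-analysis framework keys files by this string, two connections that happen to start at the same timestamp would have their attachments merged into one file, and `base/utils/conn-ids` is already loaded, so prefixing the handle with `id_string(c$id)` would make it unique per connection. The unused `is_orig` parameter deserves a one-line comment stating that direction is irrelevant for an SMTP message body, matching the `// is_orig param N/A` remark on the C++ side.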
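Review bot: `file_mgr->DataIn(reinterpret_cast(buf), len, ...)` in the SubmitData hunk has no template argument, so as shown it cannot compile; the target type was presumably lost in rendering and should be spelled out to match DataIn's declared parameter type in file_analysis/Manager.h, e.g. `reinterpret_cast<const u_char*>(buf)` if that is what it takes. `len` is the `int` from SubmitData's signature; if DataIn takes an unsigned length, a negative `len` would be forwarded as a huge byte count, so guarding the call with `if ( len > 0 )` (or an assertion on the precondition) is worth adding unless every caller already guarantees it. The comment `// is_orig param N/A` would be clearer as `// direction is meaningless for an SMTP body; the script-side handle callback ignores is_orig`. SubmitData's body begins outside the hunk.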