mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 01:58:20 +00:00
f5a689a760
- SMTP protocol headers now do some minimal parsing to clean up email addresses. - New function named split_mime_email_addresses to take MIME headers and get addresses split apart but including the display name. - Update tests.
11 lines
1.5 KiB
Text
11 lines
1.5 KiB
Text
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path smtp
|
|
#open 2016-06-16-20-28-28
|
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth helo mailfrom rcptto date from to cc reply_to msg_id in_reply_to subject x_originating_ip first_received second_received last_reply path user_agent tls fuids
|
|
#types time string addr port addr port count string string set[string] string string set[string] set[string] string string string string addr string string string vector[addr] string bool vector[string]
|
|
1254722768.219663 CjhGID4nQcgTWjvg4c 10.10.1.4 1470 74.53.140.153 25 1 GP gurpartap@patriots.in raj_deol2002in@yahoo.co.in Mon, 5 Oct 2009 11:36:07 +0530 "Gurpartap Singh" <gurpartap@patriots.in> <raj_deol2002in@yahoo.co.in> - - <000301ca4581$ef9e57f0$cedb07d0$@in> - SMTP - - - 250 OK id=1Mugho-0003Dg-Un 74.53.140.153,10.10.1.4 Microsoft Office Outlook 12.0 F Fel9gs4OtNEV6gUJZ5,Ft4M3f2yMvLlmwtbq9,FL9Y0d45OI4LpS6fmh
|
|
1437831787.867142 CPbrpk1qSsw6ESzHV4 192.168.133.100 49648 192.168.133.102 25 1 [192.168.133.100] albert@example.com ericlim220@yahoo.com,davis_mark1@outlook.com,felica4uu@hotmail.com Sat, 25 Jul 2015 16:43:07 +0300 Albert Zaharovits <albert@example.com> ericlim220@yahoo.com davis_mark1@outlook.com,felica4uu@hotmail.com - <A6202DF2-8E58-4E41-BE0B-C8D3989A4AEE@example.com> <9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com> Re: Bro SMTP CC Header - - - 250 Ok 192.168.133.102,192.168.133.100 Apple Mail (2.2102) F FKX8fw2lEHCTK8syM3
|
|
#close 2016-06-16-20-28-28
|