static SMTPConfig smtp_config = { 0, { 0, 0, 0, 0 } };
/**
- * \brief Configure SMTP Mime Decoder by parsing out 'smtp-mime' section of YAML
+ * \brief Configure SMTP Mime Decoder by parsing out mime section of YAML
* config file
*
* \return none
int ret = 0, val;
intmax_t imval;
- ConfNode *config = ConfGetNode("smtp-mime");
+ ConfNode *config = ConfGetNode("app-layer.protocols.smtp.mime");
if (config != NULL) {
ret = ConfGetChildValueBool(config, "decode-mime", &val);
}
/**
- * \brief Register the SMPT Protocol parser.
+ * \brief Register the SMTP Protocol parser.
*/
void RegisterSMTPParsers(void)
{
enabled: yes
smtp:
enabled: yes
+ # Configure SMTP-MIME Decoder
+ mime:
+ # Decode MIME messages from SMTP transactions
+ # (may be resource intensive)
+ # This field supercedes all others because it turns the entire
+ # process on or off
+ decode-mime: yes
+
+ # Decode MIME entity bodies (ie. base64, quoted-printable, etc.)
+ decode-base64: yes
+ decode-quoted-printable: yes
+
+ # Maximum bytes per header data value stored in the data structure
+ # (default is 2000)
+ header-value-depth: 2000
+
+ # Extract URLs and save in state data structure
+ extract-urls: yes
+
imap:
enabled: detection-only
msn:
# double-decode-path: no
# double-decode-query: no
-# Configure SMTP-MIME Decoder enhancements
-smtp-mime:
-
- # Decode MIME messages from SMTP transactions (may be resource intensive)
- # This field supercedes all others because it turns the entire process on or off
- decode-mime: yes
-
- # Decode MIME entity bodies (ie. base64, quoted-printable, etc.)
- decode-base64: yes
- decode-quoted-printable: yes
-
- # Maximum bytes per header data value stored in the data structure (default is 2000)
- header-value-depth: 2000
-
- # Extract URLs and save in state data structure
- extract-urls: yes
-
# Profiling settings. Only effective if Suricata has been built with the
# the --enable-profiling configure flag.
#
projects / thirdparty / suricata.git / commitdiff
