base/protocols/smtp/entities.zeek

SMTP

Analysis and logging for MIME entities found in SMTP sessions.

Namespace

SMTP

Imports

base/frameworks/files, base/frameworks/notice/weird.zeek, base/protocols/smtp/main.zeek, base/utils/files.zeek, base/utils/strings.zeek

Summary

Types

SMTP::Entity: record

Redefinitions

SMTP::Info: record	New Fields SMTP::Info entity: SMTP::Entity &optional The current entity being seen.
SMTP::State: record	New Fields SMTP::State mime_depth: count &default = 0 &optional Track the number of MIME encoded files transferred during a session.

Detailed Interface

Types

SMTP::Entity

Type

record

filename: string &optional

Filename for the entity if discovered from a header.

excerpt: string &log &default = "" &optional

(present if policy/protocols/smtp/entities-excerpt.zeek is loaded)

The entity body excerpt.