Feature #6296
opensmtp: BDAT chunking support incl MIME parsing
Description
If I got it right, the MIME part of SMTP messages is not parsed if the "BDAT" command is used for chunking.
In app-layer-smtp.c, the initialization of the MIME state data structure is only performed if the plain "DATA" command is used.
The SMTPProcessCommandBDAT function just seems to step over the lines following the BDAT command without any further processing.
If my observation is correct, I would like to suggest to implement it. If not, please close the ticket. Thanks.
Updated by Jason Ish 6 months ago
- Related to Task #6443: Suricon 2023 brainstorm added
Updated by Victor Julien 6 months ago
- Subject changed from Support MIME parsing in SMTP messages using BDAT chunking to smtp: BDAT chunking support incl MIME parsing
Updated by Ralf Meister 5 months ago
I have encountered the same issue as user maja and developed some patches that implements the BDAT command and passes the data to the MIME parser...
I would like to share these patches with you. How can this be done?
Updated by Andreas Herz 5 months ago
Ralf Meister wrote in #note-5:
I would like to share these patches with you. How can this be done?
We have put out this guide for contributing code to the project, see https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html for the details.
In a nutshell, create a PR on github towards Suricata with your changes following the guideline outlined in the documentation.
Updated by Sascha Steinbiss 4 months ago
I would also like to offer my assistance getting your contributions into Suricata, if there are still questions. Feel free to get in touch by simply replying here.