TheHive4 mailer responder issue #197
Comments
|
Hello, the issue for us on a modified version of the mailer responder was due to the way TheHive4 automatically transform case tags. Because of that the responder was not able to find the mail address https://github.com/TheHive-Project/Cortex-Analyzers/blob/master/responders/Mailer/mailer.py
Has to be replaced by:
regards, Emilien |
|
Hi Emilien, With this replacement, mail_tags = [t[5:].strip('"') for t in tags if t.startswith('mail:') or t.startswith('mail=')] You got it work on your end? |
|
Yes, it worked for us. but as I said it is a modified version of the responder. Can you put here the full error msg from Cortex ? |
|
I modified as what you advised and got this error:.. in my case i use gmail account to send an email to the recipient which is already been set. Traceback (most recent call last): File "/opt/Cortex-Analyzers/responders/Mailer/mailer.py", line 82, in Mailer().run() File "/opt/Cortex-Analyzers/responders/Mailer/mailer.py", line 61, in run s = smtplib.SMTP(self.smtp_host, self.smtp_port) File "/usr/lib/python3.8/smtplib.py", line 253, in init (code, msg) = self.connect(host, port) File "/usr/lib/python3.8/smtplib.py", line 341, in connect (code, msg) = self.getreply() File "/usr/lib/python3.8/smtplib.py", line 398, in getreply raise SMTPServerDisconnected("Connection unexpectedly closed")smtplib.SMTPServerDisconnected: Connection unexpectedly closed |
Another one , this one is pretty odd.. i setup everything in the config as it supposed to be and got this error: Missing auth pass |
Hi guys,
I had issues getting the mailer responder work as intended. The phish feedback v1.0 also do not work as designed. Anyone have had similar issues and get it fixed and mind share the solutions ? Much appreciated with the help! Thanks
The text was updated successfully, but these errors were encountered: