API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 13th, 2016
114
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.37 KB | None | 0 0
raw download clone embed print report
  1. --------------------------------------------------------------------------------------------------------------------
  2. content of test.eml
  3. --------------------------------------------------------------------------------------------------------------------
  4. Delivered-To: kionez@gmail.com
  5. Received: by 10.25.83.77 with SMTP id h74csp11258lfb;
  6. Wed, 13 Apr 2016 07:55:02 -0700 (PDT)
  7. X-Received: by 10.194.58.195 with SMTP id t3mr9894255wjq.97.1460559302694;
  8. Wed, 13 Apr 2016 07:55:02 -0700 (PDT)
  9. Return-Path: <HIDDEN@HIDDEN.DEV>
  10. Received: from HIDDEN (HIDDEN. [1.2.3.4])
  11. by mx.google.com with ESMTP id p9si17935556wjf.86.2016.04.13.07.55.02
  12. for <kionez@gmail.com>;
  13. Wed, 13 Apr 2016 07:55:02 -0700 (PDT)
  14. Received-SPF: pass (google.com: best guess record for domain of HIDDEN@HIDDEN.DEV designates 1.2.3.4 as permitted sender) client-ip=1.2.3.4;
  15. Authentication-Results: mx.google.com;
  16. spf=pass (google.com: best guess record for domain of HIDDEN@HIDDEN.DEV designates 1.2.3.4 as permitted sender) smtp.mailfrom=HIDDEN@HIDDEN.DEV
  17. Message-Id: <570e5dc6.e917c20a.9fe64.4f2eSMTPIN_ADDED_MISSING@mx.google.com>
  18. Date: Wed, 13 Apr 2016 16:55:03 +0200
  19. To: kionez@gmail.com
  20. From: HIDDEN@HIDDEN.DEV
  21. Subject: test Wed, 13 Apr 2016 16:55:03 +0200
  22. X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
  23.  
  24. This is a test mailing
  25.  
  26. --------------------------------------------------------------------------------------------------------------------
  27. content of test_header.yara
  28. --------------------------------------------------------------------------------------------------------------------
  29. rule Header_string
  30. {
  31. strings:
  32. $match = "pass"
  33. condition:
  34. $match
  35. }
  36.  
  37. rule Header_Regex
  38. {
  39. strings:
  40. $match = /pass/
  41. condition:
  42. $match
  43. }
  44. --------------------------------------------------------------------------------------------------------------------
  45. content of test_body.yara
  46. --------------------------------------------------------------------------------------------------------------------
  47. rule Body_string
  48. {
  49. strings:
  50. $match = "test mailing"
  51. condition:
  52. $match
  53. }
  54.  
  55. rule Body_Regex
  56. {
  57. strings:
  58. $match = /test mailing/
  59. condition:
  60. $match
  61. }
  62. --------------------------------------------------------------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!