From f1c160ed223b58e1f9124e410acc6262b25166b2 Mon Sep 17 00:00:00 2001
From: Tom DeCanio <decanio.tom@gmail.com>
Date: Thu, 21 Aug 2014 12:34:06 -0700
Subject: [PATCH] smtp: turn on smtp mime decoding and enable smtp eve logging.

---
 suricata.yaml.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/suricata.yaml.in b/suricata.yaml.in
index f1da99ba07..12230ff14d 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -110,6 +110,7 @@ outputs:
             force-magic: no   # force logging magic on all logged files
             force-md5: no     # force logging of md5 checksums
         #- drop
+        - smtp
         - ssh
         # bi-directional flows
         #- flow
@@ -1299,7 +1300,7 @@ smtp-mime:
 
   # Decode MIME messages from SMTP transactions (may be resource intensive)
   # This field supercedes all others because it turns the entire process on or off
-  decode-mime: no
+  decode-mime: yes
 
   # Decode MIME entity bodies (ie. base64, quoted-printable, etc.)
   decode-base64: yes