Hi there!
We have a security queue where we want our users to forward suspicious
emails to. We want them to forward the eml file itself, so we can get
the whole email message, including headers and attachments. The problem
is that RT tries to parse this and then embeds the contents into the
ticket instead of adding it as a attachment. This means that the
important part of the forwarded messages, namely the headers, are
stripped away.
How can we avoid this behaviour?
We have a security queue where we want our users to forward suspicious
emails to. We want them to forward the eml file itself, so we can get
the whole email message, including headers and attachments. The problem
is that RT tries to parse this and then embeds the contents into the
ticket instead of adding it as a attachment. This means that the
important part of the forwarded messages, namely the headers, are
stripped away.
You really have to provide a sample email with complete mime structure
for anyone to comment.
It doesn’t have to contain malicious contents, but it does have to
show how your users attach eml files.
-kevin