Mail from tcpdump packet logs

[Tommy Moore <tmoore () cmrc org>]

Hi guys.

Is there any way I can use Snort to grab the e-mail messages send and received out of a tcpdump packet log?
I've used mailsnarf from the Dsniff package to do this live on the wire, but I'm looking for a way to do this from a 
binary tcpdump log.
I saw in the Snort faq that there's a way to do this, but there weren't any instructions for doing this.

Thanks for any help you can provide.

Tommy

Attachment: _bin
Description: