There is no syslog content mapping information for MTA logs. Deep Discovery Email
Inspector sends raw MTA logs directly to
syslog servers.
Log sample:
04-27-2018 09:57:51 Mail.Info 10.206.155.128 Apr 27 09:57: 51 localhost postfix/smtpd[19318]: proxy-accept: END-OF-ME SSAGE: 250 2.0.0 Ok: queued as DEC594A7815; from=<user1@do main1.com> to=<user2@domain2.com> proto=SMTP helo=<test.com>