pcap spam analysis

[m sesser <security () sesser eu>]

Hi list,

I have a tcpdump file (libpcap) which I want to analyze for spam.
I want to extract the smtp fields:

* mail from:
* rcpt to:
* subject:

in a list/file.

Are there application to do this for free?
Are there applications to extract mails to a *.eml or linux
mailbox/maildir format?
Maybe a simple Perl-Script or tcptrace module?

thanks,
markus