Have always had a tough time getting Gophish to work to send emails via o365. Today I finally succeeded! Here’s how I did it:
First I used this guide along with some Microsoft documentation and did the following:
- Went to admin.exchange.microsoft.com, clicked on recipients -> mailboxes -> [my user] -> general -> manage settings for email apps -> and ensured SMTP was on.
- Then on the same page, I went to settings -> mail flow -> and ensured the following were on: turn on sending from aliases, turn on SMTP Auth for my org, and turn on use of legacy TLS clients.
- On the same page, I went to mail flow -> connectors -> and added a connector from my org to O365 with the IP of gophish as the source.
- I went to https://aad.portal.azure.com and hit Azure Active Directory -> Properties -> Manage Security Defaults -> Disabled security defaults
- I went to https://security.microsoft.com/antispam and added my Gophish IP to the connection filter allowed list.
- I ensured MFA was off for my account.
Now, time to go to Gophish and plug in the settings:
- Go to sending profiles
- From: needs to be in the form First Last <o365 email>
- Host: smtp-legacy.office365.com:587
- Username: o365 email
- Password: o365 password
- ignore cert errors
- no headers needed
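
A pre-flight check for the sending profile values above, added here as an example (it is not part of the original post or of Gophish). The function names are hypothetical, and it assumes the From address is the same mailbox used as the SMTP username, as in the settings listed above. It sends no mail; it only validates the fields and tests that the server accepts STARTTLS and the login.

```python
import smtplib
import ssl
from email.utils import parseaddr


def check_profile(from_field, host_field, username):
    """Return a list of problems with the sending profile fields (empty = OK)."""
    problems = []
    display, addr = parseaddr(from_field)
    if not display or "@" not in addr:
        problems.append("From must look like: First Last <user@domain>")
    elif addr.lower() != username.lower():
        # Assumption: From is the authenticated mailbox itself, as on this page.
        problems.append("From address differs from the SMTP username")
    host, _, port = host_field.rpartition(":")
    if not host or not port.isdigit():
        problems.append("Host must be host:port")
    elif int(port) != 587:
        problems.append("Expected the submission port 587")
    return problems


def smtp_auth_preflight(host_field, username, password, timeout=15):
    """Connect, STARTTLS, and log in; return (ok, detail). Sends no mail."""
    host, _, port = host_field.rpartition(":")
    try:
        with smtplib.SMTP(host, int(port), timeout=timeout) as s:
            s.ehlo()
            if not s.has_extn("starttls"):
                return False, "server does not offer STARTTLS"
            # Unlike the "ignore cert errors" box, this verifies the certificate.
            s.starttls(context=ssl.create_default_context())
            s.ehlo()
            if not s.has_extn("auth"):
                return False, "AUTH not advertised (SMTP AUTH disabled?)"
            s.login(username, password)
            return True, "authenticated"
    except smtplib.SMTPAuthenticationError as e:
        return False, f"login rejected: {e.smtp_code} {e.smtp_error!r}"
    except (smtplib.SMTPException, OSError) as e:
        return False, f"connection failed: {e}"


if __name__ == "__main__":
    # Constructed sample values; replace with the real profile fields.
    print(check_profile("First Last <user@example.com>",
                        "smtp-legacy.office365.com:587", "user@example.com"))
```
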