Configure SMTP for phishing simulation

Instructions

Option 1. SMTP Authentication

This method allows you to connect to the Exchange server and send email either as the account used to connect or as any other account in the system.

  1. Connect to Exchange Online PowerShell (https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps)

  2. Check the value of the SmtpClientAuthenticationDisabled property by running the command: Get-TransportConfig | Format-List SmtpClientAuthenticationDisabled

  3. If the value is true, run the command: Set-TransportConfig -SmtpClientAuthenticationDisabled $false

  4. Go to the Office Admin Portal → Users → Active Users → Search for Account → Click on the Account

  5. In the popup window, select the “Mail” tab. Then click “manage email apps”.

  6. In the popup window check “Authenticated SMTP”

     

  7. If the email should be sent as a different account than the one used to connect to Exchange, go to the Office Admin Portal → Users → Active Users → Search for Account (“Send as” account) → Click on the Account. In the popup window, select the “Mail” tab. Then click “Send as permissions”. In the next window, search for the account that was used to connect to Exchange. Add it and click “Save”.

Option 2. SMTP direct send

This method allows you to send an email from any email address (even one that doesn’t exist or has a different domain).

  1. Sign in to the Microsoft 365 admin center.

  2. Go to Settings > Domains, select your domain (for example, contoso.com), and find the MX record.

    The MX record will have a “Points to address or value” value that looks similar to contoso-com.mail.protection.outlook.com.

    Make a note of the MX record’s “Points to address or value” value, which we refer to as your MX endpoint.

  3. Go to the Exchange Admin Portal → mail flow → rules. Click on the + icon, then select “Bypass spam filtering …”

  4. Name the rule.

  5. In the “Apply this rule if…” drop-down, select “A message header …” and then “includes any of these words”

  6. Click on “*Enter text…” and type “x-phishing-simulation”. Click OK.

  7. Click on “*Enter words…” and add “true”. Click OK.

  8. Click “Save” and make sure the rule has a high enough priority.
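
Steps 3 to 8 can also be carried out from the Exchange Online PowerShell session used in Option 1. The script below is an added example, not part of the original instructions. The rule name, the comment text, priority 0 and the optional sender IP restriction (the address shown is a placeholder) are assumptions. The header condition on its own matches any inbound message that carries the header, so the optional SenderIpRanges condition limits the bypass to the host that sends the simulation.

```powershell
# Added example: PowerShell equivalent of Option 2, steps 3-8.
# Run inside a connected Exchange Online PowerShell session.
# Assumptions (not from the page): rule name, comment, priority 0, sender IP.
param(
    [string]   $RuleName   = 'Bypass spam filtering - phishing simulation',
    [string]   $HeaderName = 'x-phishing-simulation',  # header name from step 6
    [string]   $HeaderWord = 'true',                   # header value from step 7
    [string[]] $SenderIp   = @()                       # e.g. '203.0.113.10' (placeholder)
)

$ErrorActionPreference = 'Stop'

# "Bypass spam filtering" in the rule editor sets the spam confidence level to -1.
$rule = @{
    HeaderContainsMessageHeader = $HeaderName
    HeaderContainsWords         = $HeaderWord
    SetSCL                      = -1
    Priority                    = 0   # step 8: lowest number is evaluated first
    Comments                    = 'Phishing simulation delivery; review after each campaign'
}

# Optional scoping: only honour the header when it arrives from the simulation host.
if ($SenderIp.Count -gt 0) {
    $rule.SenderIpRanges = $SenderIp
} else {
    Write-Warning 'No sender IP given: the rule will match on the header alone.'
}

# Create the rule, or update it if a rule with this name already exists.
$existing = Get-TransportRule | Where-Object { $_.Name -eq $RuleName }
if ($existing) {
    Set-TransportRule -Identity $RuleName @rule
} else {
    New-TransportRule -Name $RuleName @rule
}

# Verify what was saved and where the rule sits in the evaluation order.
Get-TransportRule | Where-Object { $_.Name -eq $RuleName } |
    Format-List Name, State, Priority, SetSCL,
                HeaderContainsMessageHeader, HeaderContainsWords, SenderIpRanges

# List every other rule that also sets SCL -1, so stale bypass rules are noticed.
Get-TransportRule | Where-Object { $_.SetSCL -eq -1 -and $_.Name -ne $RuleName } |
    Format-Table Name, State, Priority, SenderIpRanges -AutoSize
```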