Connecting GoPhish with Office365

Operational challenges of setting of Office365 SMTP with GoPhish

Enable SMTP

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Take a look if it is True: Get-TransportConfig (if there is True set to false)
Set-TransportConfig -SmtpClientAuthenticationDisabled $false
Take a look again if it works: Get-TransportConfig
Remove-PSSession $Session
Use the Administrator account (Generally the one which was used to create office365 account) to enable SMTP. I have seen that newer accounts already have this setting enabled by default. If your account is not working try this out.
UPDATE 01/02/2021
If above doesn't work for you. Try the following code. Credits Jonathan Cheung
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName [email protected] -ShowProgress $true
Set-TransportConfig -SmtpClientAuthenticationDisabled $false

Add Connector

Add Connector to Exchange Admin
You will need to provide you GoPhish External IP to add this connector. The connector properties are From: Organization Mail Server , To: Office365, and then you need to add your External GoPhish IP

Whitelist your External GoPhish IP

Go to exchange admin center ( ) and click on Classic Exchange Admin at the bottom of the side menu.
Click on Connection -> Protection Filter > Connection Filtering
Here you need to Whitelist your external Exchange IP
Whitelist your External GoPhish IP
You should be good to go now. Enter your creds inside Gophish and send a Test Email.


Connect with me