Connecting GoPhish with Office365

Operational challenges of setting of Office365 SMTP with GoPhish

Enable SMTP

$UserCredential = Get-Credential 
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection 
Import-PSSession $Session -DisableNameChecking 
Take a look if it is True: Get-TransportConfig  (if there is True set to false) 
Set-TransportConfig -SmtpClientAuthenticationDisabled $false 
Take a look again if it works: Get-TransportConfig 
Remove-PSSession $Session 

Use the Administrator account (Generally the one which was used to create office365 account) to enable SMTP. I have seen that newer accounts already have this setting enabled by default. If your account is not working try this out.

UPDATE 01/02/2021

If above doesn't work for you. Try the following code. Credits Jonathan Cheung

Import-Module ExchangeOnlineManagement 
Connect-ExchangeOnline -UserPrincipalName  -ShowProgress $true 
Set-TransportConfig -SmtpClientAuthenticationDisabled $false

Add Connector

Go to and add a connector.

You will need to provide you GoPhish External IP to add this connector. The connector properties are From: Organization Mail Server , To: Office365, and then you need to add your External GoPhish IP

Whitelist your External GoPhish IP

Go to exchange admin center ( ) and click on Classic Exchange Admin at the bottom of the side menu.

Click on Connection -> Protection Filter > Connection Filtering

Here you need to Whitelist your external Exchange IP

You should be good to go now. Enter your creds inside Gophish and send a Test Email.


Vincent Yiu, Jonathan Cheung, Jason Lang

Connect with me


Last updated