Manual Installation Guide (SMTP and IMAP)

Chris King edited this page Jan 13, 2017 · 5 revisions

FiercePhish

This is the manual method of installing Postfix, OpenDKIM, and Dovecot for use with FiercePhish.

Why install these?

  • Postfix - SMTP server to send your emails. This is not required if you plan to use an alternate method of sending email.
  • OpenDKIM - DKIM server to assist with bypassing spam filters. It works in tandem with Postfix.
  • Dovecot - IMAP server to receive email (if you purchased a domain) and provide the received emails to FiercePhish (to be implemented soon). This isn't required if you didn't purchase a domain.

Recommended Prerequisites

  • Purchase a domain name to send emails from

This isn't required, but it is heavily suggested. Phishing campaigns where you spoof an active domain you don't own are extremely susceptible to being spam filtered (unless the domain's SPF record is improperly configured). The best way to perform a phishing campaign is by buying a generic domain that can fool someone ("yourfilehost.com") or a domain that is very similar to a real domain ("microsoft-secure.com").

Manual Installation Method

These manual installation instructions assume you are running Ubuntu 16.04. You will need to adapt them to your own distribution. Some packages may be different and some configuration settings may change, but the general idea should be the same.

  1. Install Postfix, Dovecot, and OpenDKIM

    apt-get install postfix curl dovecot-imapd opendkim opendkim-tools

    The Postfix installation will prompt you twice. At the first prompt, select "Internet Site". At the second prompt, type in the full domain name that you purchased (e.g. example.com). If you didn't purchase a domain, just hit enter. The Dovecot install may prompt you asking if you want to generate a self-signed SSL certificate. Just hit yes.

  2. Create a local user named "FiercePhish" for email receiving

    adduser FiercePhish
    

    Set the password to whatever you would like (remember it though)

  3. Configure Postfix

    • In "/etc/postfix/main.cf", set myhostname to your domain (or "localhost" if you don't have a domain)

    • Put the name of the domain you purchased into "/etc/mailname" (or "localhost" if you don't have a domain):

      echo "mydomain.com" > /etc/mailname

    • Append the following lines at the bottom of "/etc/postfix/main.cf":

      resolve_numeric_domain = yes
      smtp_tls_security_level = may
      smtp_tls_loglevel = 1
      luser_relay = FiercePhish
      local_recipient_maps =
      milter_protocol = 2
      milter_default_action = accept
      smtpd_milters = inet:localhost:12301
      non_smtpd_milters = inet:localhost:12301
      
  4. Configure OpenDKIM

    • Append the following lines at the bottom of "/etc/opendkim.conf":

      AutoRestart                Yes
      AutoRestartRate            10/1h
      SyslogSuccess              Yes
      LogWhy                     Yes
      ExternalIgnoreList         refile:/etc/opendkim/TrustedHosts
      InternalHosts              refile:/etc/opendkim/TrustedHosts
      KeyTable                   refile:/etc/opendkim/KeyTable
      SigningTable               refile:/etc/opendkim/SigningTable
      PidFile                    /var/run/opendkim/opendkim.pid
      SignatureAlgorithm         rsa-sha256
      UserID                     opendkim:opendkim
      Socket                     inet:12301@localhost
      
    • Run the following commands with the domain you purchased where $DOMAIN is (or "localhost" if you have none):

      echo 'SOCKET="inet:12301@localhost"' > /etc/default/opendkim
      mkdir -p /etc/opendkim/keys
      

      Put the following contents in "/etc/opendkim/TrustedHosts" (changing out "$DOMAIN"):

      127.0.0.1
      localhost
      192.168.0.1/24
      $DOMAIN
      *.$DOMAIN
      

      Run these commands (changing out "$DOMAIN"):

      echo "mail._domainkey.$DOMAIN $DOMAIN:mail:/etc/opendkim/keys/$DOMAIN/mail.private" > /etc/opendkim/KeyTable
      echo "*@$DOMAIN mail._domainkey.$DOMAIN" > /etc/opendkim/SigningTable
      mkdir /etc/opendkim/keys/$DOMAIN
      cd /etc/opendkim/keys/$DOMAIN
      opendkim-genkey -s mail -d $DOMAIN
      chown opendkim:opendkim mail.private
      

      The contents of "/etc/opendkim/keys/$DOMAIN/mail.txt" are your DKIM key for DNS use.

  5. Configure Dovecot

    Edit "/etc/dovecot/conf.d/10-auth.conf":

    • Set "disable_plaintext_auth" to "disable_plaintext_auth = no" (and uncomment it if it's commented)

    • Set "auth_mechanisms" to "auth_mechanisms = plain login" (and uncomment it if it's commented)

    Edit "/etc/dovecot/conf.d/10-logging.conf":

    • Set "log_path" to "log_path = /var/log/dovecot.conf" (and uncomment it if it's commented)

  6. Restart all services

    service postfix restart
    service dovecot restart
    service opendkim restart
    
  7. Done!
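
A sanity check for the OpenDKIM tables written in step 4, as an added example that is not part of the FiercePhish wiki or project: it confirms that every SigningTable entry points at a key defined in the KeyTable, that the private key file exists, and that it is not accessible to group or other users. The function name check_dkim_tables is hypothetical.

```shell
# Added example, not FiercePhish code. check_dkim_tables is a hypothetical helper.
# Usage: check_dkim_tables /etc/opendkim/KeyTable /etc/opendkim/SigningTable
# Prints one line per problem; returns 0 when none are found, 1 otherwise.
check_dkim_tables() (
    keytable=$1 signingtable=$2 problems=0

    # KeyTable line: <key name> <domain>:<selector>:<private key path>
    while read -r name spec; do
        case $name in ''|\#*) continue ;; esac
        domain=${spec%%:*}; rest=${spec#*:}
        selector=${rest%%:*}; keyfile=${rest#*:}
        # This guide names each key <selector>._domainkey.<domain>.
        if [ "$name" != "$selector._domainkey.$domain" ]; then
            echo "KeyTable: '$name' should be '$selector._domainkey.$domain'"
            problems=$((problems + 1))
        fi
        if [ ! -f "$keyfile" ]; then
            echo "KeyTable: private key '$keyfile' is missing"
            problems=$((problems + 1))
            continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits;
        # a signing key should grant none of them.
        perms=$(ls -ld "$keyfile" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "KeyTable: '$keyfile' is accessible to group/other"
            problems=$((problems + 1))
        fi
    done < "$keytable"

    # SigningTable line: <address pattern> <key name defined in KeyTable>
    while read -r pattern keyname; do
        case $pattern in ''|\#*) continue ;; esac
        if ! awk -v k="$keyname" '$1 == k { f = 1 } END { exit !f }' "$keytable"; then
            echo "SigningTable: '$pattern' uses unknown key '$keyname'"
            problems=$((problems + 1))
        fi
    done < "$signingtable"

    [ "$problems" -eq 0 ]
)
```

Running it before the restart in step 6 catches a mistyped "$DOMAIN" substitution before OpenDKIM starts with inconsistent tables.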

Post Installation Configuration

Now that you have installed the SMTP server and IMAP server, you need to configure FiercePhish to use them. You can either do this through the web interface (under "Settings" --> "Configurations"), or via the configuration file (found by default in "/var/www/fiercephish/.env").

The following variables need to be set:

  • MAIL_DRIVER=smtp
  • MAIL_HOST=127.0.0.1
  • MAIL_PORT=25
  • MAIL_USERNAME=null
  • MAIL_PASSWORD=null
  • MAIL_ENCRYPTION=null
  • IMAP_USERNAME=FiercePhish
  • IMAP_PASSWORD= (whatever you put as the password for the FiercePhish local user)

After you edit the ".env" file, you must run: php artisan config:cache

The last thing you need to do is set the proper DNS entries (you generated a DKIM entry in the above steps). Click here to see the DNS instructions.
