September 23, 2020

How to create a simple email server in Linux

1 min read

Penetration testing sometimes requires the assembly of various additional tools. For example, a mail server from which you can send phishing emails to check employees for social engineering attacks. This mail server should allow you to send letters from any address and generally ask a minimum of questions when sending. We will use Postfix as such a server.

aptget install postfix

During installation, we will be asked several questions:

General type of mail configuration

System Mail Name

Our server is already ready for work, but still, it’s better to add small restrictions for senders (especially if it is accessible from external networks).

Therefore, open the file /etc/postfix/main.cf and make small changes to it.
First, you can change the system mail name in the line:
myhostname = kali.localdomain
Next, change the list of networks from which the sender can send mail without authorization, listing the addresses and subnets through space:
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
Single IP addresses are best added with the /32 mask.
mynetworks = 127.0.0.0/8 192.168.1.2/32
Allow sending emails without authorization for the loopback interface and address 192.168.1.2.
Now it remains only to restart Postfix.
service postfix restart
An SMTP server is ready. It allows you to send letters from anyone, filtering the sender only by IP address, which allows you to use it to send letters as part of penetration testing.