Amadokhumenti e-Gophish
Navigation
Uyisetha kanjani iseva ye-imeyili ye-SMTP esebenzayo yokuhlolwa kobugebengu bokweba imininingwane ebucayi ngo-2022
Ingabe ucabanga ukumisa umkhankaso wakho wokuhlola ubugebengu bokweba imininingwane ebucayi kulo nyaka?
Ubunjiniyela Bezenhlalakahle bukhule baba usongo olukhulu nakakhulu ngo-2022 futhi ucabanga izindlela zokubhekana nakho.
Nokho ukuncishiswa okwenziwe yimboni kwenze lokhu kwaba nzima kunangaphambili.
Ukuze uqalise uzodinga izinto ezimbalwa.
Udinga iseva ye-imeyili ye-SMTP evumelekile.
Lokhu kungaba inselele njengoba abahlinzeki abaningi bamafu bavimba ithrafikhi ye-SMTP.
Udinga futhi ideshibhodi ukuze ulandelele, futhi uhlaziye okutholwe kwakho kobunjiniyela bezenhlalo.
Lokhu kuzokuvumela ukuthi ubuke inqubekelaphambili futhi ubikele ithimba labaphethe.
Ukusetha lokhu kungathatha amaviki omsebenzi kanye nokuhlola, okuhlanganisa kufika ezinkulungwaneni zamadola emsebenzini.
Yingakho sidale lo mhlahlandlela ukuze sikubonise ukuthi ungasetha kanjani iseva ye-SMTP kubahlinzeki bokusingatha abangayivimbi i-SMTP.
Ekupheleni kwalo mhlahlandlela uzokwazi ukuthi ungamisa kanjani futhi uvikele leyo seva ukuze ikwazi ukuthumela imilayezo.
Futhi uzokwazi ukuthi ufudumeza kanjani ikheli le-IP elisetshenziswa iseva ukuze imilayezo ilethwe.
Sizosebenzisa ithuluzi elibizwa nge-Poste.io ukusiza ekucushweni kweseva yemeyili.
Sizophinde sikubonise ukuthi ungasetha kanjani ideshibhodi yobugebengu bokweba imininingwane ebucayi ongayisebenzisa ukuze ulandelele futhi uhlaziye okutholile.
Sinedeshibhodi esebenzisa i-GoPhish ku-Amazon Web Services elungele ukwethulwa.
Ungavula futhi uyivale le deshibhodi njengoba udinga ukuphatha nokuhlaziya imikhankaso yakho yokuhlola ubugebengu bokweba imininingwane ebucayi.
Uyisetha kanjani iseva yakho ye-SMTP
Okokuqala uzodinga ukuthola i-VPS kumhlinzeki ovumela ithrafikhi ye-SMTP.
Lokho kusho Contabo, Hetzner, LunaNode, BuyVM, noma Scaleway.
Sizosebenzisa i-Contabo kulesi sibonelo.
- Dala i-akhawunti e-Contabo okungenani ene-4GB ye-RAM kanye no-80 GB wesikhala sokulondoloza.
Chofoza lapha ukuvula i-Contabo VM ngezilungiselelo ezikhethwe kusengaphambili.
- Ungakhetha igama elifanelana nesimo sakho sokusebenzisa.
Ithimba lethu lisebenzisa imigomo yanyanga zonke ngaphandle kwalapho sinesivumelwano sokusebenzisa isikhathi eside sokuhlola ubugebengu bokweba imininingwane ebucayi.
- Okulandelayo uzofuna ukukhetha isifunda esiseduze nenhlangano ozoyihlola.
Kulokhu, ngizosebenzisa i-US East e-Contabo.
- I-VPS oyisebenzisela ukusingatha iseva yakho ye-SMTP kufanele okungenani ibe ne-4 GB ye-RAM futhi okungenani ibe nesikhala sokulondoloza esingu-80GB.
- Ngemuva kwalokho uzofuna ukukhetha i-Operating System, ukhethe Ubuntu 20.04 ukuze uqinisekise ukuhambisana.
6. Khetha igama-mfihlo ozolisebenzisa ukuze uthole iseva yakho nge-SSH. Ungenza iphasiwedi eqinile lapha: https://passwordsgenerator.net/
Qiniseka ukuthi ugcina lokhu kusiphathi sephasiwedi njenge-LastPass ukuze uthole ireferensi yesikhathi esizayo.
- Qiniseka ukuthi unikezwe okungenani ikheli le-IP lomphakathi elilodwa!
8. Ungashiya okumisiwe kwe-Addons kanye Nobuningi Beseva ku-Contabo.
- Ngemuva kwalokho kuzodingeka ungene ngemvume noma udale i-akhawunti.
- Uma usungenile, khokha imali yenyanga yesevisi.
- Ngemva kokukhokha, uzothola i-imeyili yokuqinisekisa uma iseva yakho isimisiwe.
- Okulandelayo sizongena kuseva bese siqala ukumisa iseva yakho ye-SMTP sisebenzisa i-Poste.io.
Uzodinga ukusebenzisa igama lomsebenzisi (impande) kanye nephasiwedi oyikhiqize ekuqaleni ukuze ungene kuseva nge-SSH.
13. Ungakwazi ukuxhumana neklayenti lakho le-SSH olithandayo, njenge I-MobaXTerm noma i-PuTTY.
Uma usungenile kuseva, uzofuna ukuya ku-Poste.io bese uqhuba izinyathelo ezilandelayo:
- Faka i-Docker Engine kuseva yakho ye-Ubuntu usebenzisa imiyalo eneskripthi sokuqala esisheshayo lapha:
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
- Ungaphinda ufake i-Docker Engine usebenzisa le miyalo elandelayo uma iskripthi se-quickstart singasebenzi ekusabalaliseni kwakho Ubuntu:
sudo apt-get update
sudo apt-get install \
izitifiketi ze-ca-certificate \
curl \
gnupg \
lsb-ukukhishwa
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | I-sudo gpg -dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
i-echo \
"deb [arch=$(dpkg -print-architecture) sign-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) uzinzile” | I-sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
- Qinisekisa ukuthi i-Docker Engine isebenza ngomyalo olandelayo okufanele ukhiphe i-Hello World bese uvala isiqukathi se-Docker:
I-sudo docker igijima i-hello-world
17. Landa futhi usebenzise i-Dockerfile kusuka ku-Poste.io kusuka https://poste.io/doc/getting-started usebenzisa umyalo ongezansi.
$ docker run \
-net=host \
-e TZ=America/New_York \
-v /your-data-dir/data:/data \
-igama "i-mailserver" \
-h “mail.yourphishdomain.com” \
-t analogic/poste.io
Kukhona izinguquko ezimbalwa ozofuna ukuzenza kulo myalo:
- -e TZ=America/ New_York Setha indawo yesikhathi yedethi efanele
- -v /your-data-dir/data:/idatha Ifaka umkhombandlela wedatha kusuka kusistimu yokusingatha. I-database yomsebenzisi, ama-imeyili, izingodo, konke kuzogcina kulo mkhombandlela ukuze kube lula ukwenza isipele.
- -igama"i-mailserver" Qalisa i-poste.io njengesiqukathi esinegama elichaziwe
- -h “mail.yourphishdomain.com” Igama lomethuleli leseva yakho ye-imeyili yokuhlola ubugebengu bokweba imininingwane ebucayi
I-Poste.io izosingatha ukusethwa kwezinyathelo zokuphepha zakamuva, i-TLS, i-SPF, i-DKIM, ne-DMARC egameni lakho.
- Sebenzisa ithuluzi le-IP Warming okungenani amahora angu-72 ngaphambi kwemikhankaso yokuhlola ubugebengu bokweba imininingwane ebucayi.
I-Lemlist ingu-$29/mo, kanti i-WarmupInbox ingu-$9/mo, bheka ku-IP Warming SOP ukuze uthole imininingwane.
Sicela ubheke umhlahlandlela wethu othi “Indlela Yokufudumala I-IP” ukuze uthole ukucatshangelwa kokufudumala kwe-IP.
I-SOP: Indlela yokufudumala i-IP yeseva ye-imeyili entsha
- Landela umkhondo isithunzi se-IP usebenzisa i-poste.io/dnsbl, mxtoolbox.com/blacklists.aspx noma dnsbl.info.
20. Hlola iseva yemeyili nezifanekiso ze-imeyili usebenzisa i-mail-tester.com ukuze uthuthukise ukulethwa.
Uyisetha Kanjani Ideshibhodi Yakho Yokuhlola Ubugebengu Bokweba imininingwane ebucayi
21. Dala noma ngena ku-Akhawunti yakho ye-AWS
22. Vakashela uhlu lwemakethe ye-GoPhish
23. Qala isivivinyo samahhala ngohlu lwemakethe
24. Yamukela imigomo kanye nokuhlinzeka ngeseva ye-GoPhish ngaphakathi kwe-akhawunti yakho ye-AWS. Uma udala i-akhawunti entsha sha, i-Amazon izoqinisekisa i-akhawunti yakho futhi ikuthumelele ukuqinisekiswa nge-imeyili.
25. Ngena kudeshibhodi yakho ye-GoPhish usebenzisa igama lakho lomsebenzisi nesibonelo se-ID.
26. Lungiselela Iphrofayela yakho Yokuthumela ukuze usebenzise iseva yakho entsha ye-Poste.io ye-SMTP ku-Contabo.
Imininingwane Yokuxhumana ye-SMTP
- umphathi: mail.yourphishdomain.com
- port: 465 (i-TLS iyadingeka), 587 noma (i-STARTTLS iyadingeka)
- kudingeka ukufakazela ubuqiniso
- igama lomsebenzisi lilonke ikheli le-imeyili lomsebenzisi@example.com
- 27. Misa umkhankaso wakho wokuqala.
- 28. Thumela umkhankaso wakho wokuqala
Unemibuzo? Ungabona imibhalo yethu ye-GoPhish lapha, noma uxhumane nathi ukuze uthole usizo support@hailbytes.com
IMIBUZO EJWAYELEKILE UKUBUZWA
- umphathi: mail.yourphishdomain.com
- port: 465 (i-TLS iyadingeka), 587 noma (i-STARTTLS iyadingeka)
- kudingeka ukufakazela ubuqiniso
- igama lomsebenzisi lilonke ikheli le-imeyili lomsebenzisi@example.com
- 27. Misa umkhankaso wakho wokuqala.
- 28. Thumela umkhankaso wakho wokuqala
Unemibuzo? Ungabona imibhalo yethu ye-GoPhish lapha, noma uxhumane nathi ukuze uthole usizo support@hailbytes.com