Gophish - Setting up without Evilginx - Part 1

Sebin Thomas

Gophish Infrastructure Setup (EC2 · DNS · SMTP)

This section covers the infrastructure-level setup required before deploying GoPhish. Proper configuration at this stage is critical to avoid blacklisting, delivery issues, and operational failures during phishing simulations.

Prerequisites


Before starting the setup, ensure the following requirements are met:

  • EC2 instance (Linux-based preferred)
  • Phishing domain (e.g., Namecheap or GoDaddy)
  • SMTP server associated with the same domain
    (e.g., Titan Mail, Private Email, etc.)

EC2 Configuration


Note: Never expose GoPhish or phishing infrastructure publicly without restrictions. Improper exposure can quickly lead to blacklisting or service suspension.

Recommended EC2 configuration:

  • Whitelist trusted IP addresses instead of allowing unrestricted access (0.0.0.0/0)

  • Be cautious of automated scanners and reputation monitoring platforms such as:

  • Ensure port 443 (HTTPS) remains open
    Blocking HTTPS can break landing pages, redirects, and certificate validation.

  • Allow only the required ports:

    • 22 → SSH (restricted to your IP)
    • 80 → HTTP (optional, for redirects or ACME challenges)
    • 443 → HTTPS (phishing landing pages)
    • One custom port (e.g., 3333) for the GoPhish admin dashboard

  • After infrastructure setup:

    • Apply strict IP whitelisting to the admin dashboard port
    • Never leave the GoPhish admin panel publicly accessible
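The port policy above (80/443 reachable, SSH and the admin port limited to trusted addresses, nothing else open) is easy to state and easy to get wrong in a security group. The following is an added audit check, not code from the original post or from the Gophish project: it walks a list of ingress rules in the shape boto3's describe_security_groups() returns under IpPermissions and reports every rule that violates the policy. The trusted CIDR (203.0.113.10/32), the admin port 3333 and the sample rules are constructed for illustration; in practice you would pass the live IpPermissions list from boto3.

```python
"""Audit EC2 security-group ingress rules against the GoPhish port policy:
80/443 may be world-reachable, 22 and the admin port only from trusted CIDRs,
no other ports at all. Rule dicts use the boto3 IpPermissions layout."""

ANY_V4 = "0.0.0.0/0"
ANY_V6 = "::/0"

# Ports that are legitimately reachable from anywhere (landing pages, ACME).
PUBLIC_PORTS = {80, 443}
# Hypothetical management CIDR (assumption; replace with your own address).
TRUSTED_CIDRS = {"203.0.113.10/32"}

# Constructed sample: two compliant public ports, compliant SSH, an admin
# dashboard open to the world, and an unrelated database port.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": ANY_V4}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": ANY_V4}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 3333, "ToPort": 3333,
     "IpRanges": [{"CidrIp": ANY_V4}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
]


def audit_ingress(permissions, admin_port, trusted_cidrs=TRUSTED_CIDRS,
                  public_ports=PUBLIC_PORTS):
    """Return (port_range, cidr, reason) findings; an empty list is compliant."""
    restricted_ports = {22, admin_port}
    findings = []
    for perm in permissions:
        # Collect every IPv4 and IPv6 source range attached to this rule.
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if perm.get("IpProtocol") == "-1":
            # "-1" in the AWS API means all protocols and all ports.
            findings += [("all", c, "all protocols/ports allowed") for c in cidrs]
            continue
        lo, hi = perm["FromPort"], perm["ToPort"]
        label = str(lo) if lo == hi else f"{lo}-{hi}"
        for cidr in cidrs:
            if lo == hi and lo in public_ports:
                continue  # 80/443 from anywhere is expected
            if lo == hi and lo in restricted_ports:
                if cidr not in trusted_cidrs:
                    findings.append((label, cidr,
                                     "management port not limited to trusted CIDR"))
                continue
            findings.append((label, cidr, "port outside the required set"))
    return findings


def is_compliant(permissions, admin_port, **kwargs):
    """True when audit_ingress() reports nothing."""
    return not audit_ingress(permissions, admin_port, **kwargs)


if __name__ == "__main__":
    for port, cidr, reason in audit_ingress(SAMPLE_PERMISSIONS, admin_port=3333):
        print(f"port {port} from {cidr}: {reason}")
```

Run it against the sample and it flags the admin port exposed to 0.0.0.0/0 and the stray 3306 rule while accepting the rest; a world-open 3333 is exactly the condition the note at the top of this section warns about.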

Domain Configuration


Correct DNS configuration is essential for email deliverability and phishing reliability.

  • Map the A record to your AWS EC2 public IP

  • Properly configure the following DNS records:

    • SPF
    • DMARC
    • DKIM
    • TXT
    • SRV (if required by your SMTP provider)

  • Create two CNAME records:

    • One for the GoPhish admin dashboard
    • One for the phishing domain / landing page

SMTP Configuration


SMTP configuration directly impacts campaign success and inbox placement.

Best practices:

  • Ensure DKIM is added and successfully verified
  • Use multiple SMTP servers if possible to distribute sending load
  • Prefer a paid or premium SMTP plan for:
    • Better deliverability
    • Reduced throttling
    • Improved sender reputation
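The Domain Configuration section lists SPF, DMARC and DKIM as records to set up, and the SMTP best practices above ask that DKIM be "successfully verified". The following added example, not part of the original post, is a small offline sanity check for those three TXT records: it parses each record and reports the mistakes that most often break deliverability (no terminal all mechanism, a permissive +all/?all, more than the ten DNS-lookup terms RFC 7208 allows, a DMARC policy of p=none, a missing or empty DKIM public key). The record strings are constructed samples; the domain names, the selector and the DKIM key value are placeholders. To check a live domain you would fetch the TXT records with a resolver (for example dnspython's dns.resolver.resolve(name, "TXT")) and pass the joined strings in.

```python
"""Offline sanity checks for SPF, DMARC and DKIM TXT records."""
import re

# Constructed sample records for a hypothetical sending domain.
GOOD_RECORDS = {
    "spf": "v=spf1 include:spf.mailprovider.example -all",
    "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "dkim": "v=DKIM1; k=rsa; p=PLACEHOLDERPUBLICKEYBASE64",  # placeholder key
}
WEAK_RECORDS = {
    "spf": "v=spf1 include:spf.mailprovider.example ?all",
    "dmarc": "v=DMARC1; p=none",
    "dkim": "v=DKIM1; k=rsa; p=",
}

# SPF terms that cost a DNS lookup (RFC 7208 section 4.6.4 caps these at 10).
_LOOKUP_TERM = re.compile(r"^[+\-~?]?(include|a|mx|ptr|exists)(:|/|$)|^redirect=")


def parse_tags(record):
    """Split a 'k=v; k2=v2' DMARC/DKIM record into a dict (keys lowercased)."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def check_spf(record):
    """Return a list of problems with an SPF record (empty list = fine)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["SPF record must begin with v=spf1"]
    problems = []
    last = terms[-1].lower()
    if last in ("+all", "?all", "all"):
        problems.append(f"'{last}' lets any host pass SPF; use -all or ~all")
    elif last not in ("-all", "~all"):
        problems.append("SPF record has no terminal all mechanism")
    lookups = sum(1 for t in terms[1:] if _LOOKUP_TERM.match(t.lower()))
    if lookups > 10:
        problems.append(f"{lookups} DNS-lookup terms exceed the RFC 7208 limit of 10")
    return problems


def check_dmarc(record):
    """Return a list of problems with a DMARC record."""
    tags = parse_tags(record)
    problems = []
    if tags.get("v") != "DMARC1":
        problems.append("DMARC record must start with v=DMARC1")
    policy = tags.get("p")
    if policy not in ("none", "quarantine", "reject"):
        problems.append("DMARC p= tag missing or invalid")
    elif policy == "none":
        problems.append("p=none only monitors; receivers will not act on failures")
    if "rua" not in tags:
        problems.append("no rua= address, so aggregate reports will not arrive")
    return problems


def check_dkim(record):
    """Return a list of problems with a DKIM selector record."""
    tags = parse_tags(record)
    problems = []
    if "v" in tags and tags["v"] != "DKIM1":
        problems.append("DKIM v= tag must be DKIM1 when present")
    # Long keys are often split across TXT strings; drop any whitespace first.
    key = re.sub(r"\s+", "", tags.get("p", ""))
    if not key:
        problems.append("DKIM p= tag missing or empty (an empty key means revoked)")
    elif not re.fullmatch(r"[A-Za-z0-9+/=]+", key):
        problems.append("DKIM p= value is not valid base64")
    if tags.get("k", "rsa") not in ("rsa", "ed25519"):
        problems.append(f"unsupported DKIM key type k={tags['k']}")
    return problems


def check_domain(records):
    """records: {'spf': ..., 'dmarc': ..., 'dkim': ...} -> {name: [problems]}"""
    return {
        "spf": check_spf(records["spf"]),
        "dmarc": check_dmarc(records["dmarc"]),
        "dkim": check_dkim(records["dkim"]),
    }


if __name__ == "__main__":
    for name, recs in (("good", GOOD_RECORDS), ("weak", WEAK_RECORDS)):
        for kind, problems in check_domain(recs).items():
            print(f"[{name}] {kind}: {'ok' if not problems else '; '.join(problems)}")
```

Running the checks against the "good" set yields no findings; the "weak" set reports the permissive ?all, the monitor-only DMARC policy with no reporting address, and the empty DKIM key. These checks validate record syntax and policy only; whether the DKIM signature on an actual outgoing message verifies is something you confirm by sending a test mail to a mailbox you control and reading its Authentication-Results header.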

Compliance and Operational Notes

Awareness: Reputation & Threat Monitoring Services


⚠️ Certain platforms actively monitor spam and phishing-related infrastructure. Poor OPSEC may result in rapid blacklisting.

Be aware of:

AWS Permission Requirement


Before launching any phishing or social engineering campaign, explicit authorization must be obtained from AWS.

Failure to comply may result in account suspension or termination.

Next Section


Part II - GoPhish Setup
Campaign creation, landing pages, email templates, and credential capture

  • Title: Gophish - Setting up without Evilginx - Part 1
  • Author: Sebin Thomas
  • Created at : 2025-10-21 21:35:00
  • Updated at : 2026-01-25 14:07:28
  • Link: https://0xsebin-blogs.vercel.app/2025/10/21/GoPhish-Setting-up-without-Evilgnix-Part-1/
  • License: All Rights Reserved © Sebin Thomas