Overview
Direct Delivery enables you to place messages directly into a Microsoft user's inbox via Microsoft Graph, bypassing the need to send an email through a traditional mail server. This helps avoid delivery issues when conducting simulated phishing tests.
For Direct Delivery to work, the recipient email addresses must exist and have an active mailbox within the Azure tenant where Direct Delivery is enabled. Otherwise, they will not receive the messages. Additionally, Direct Delivery does not support delivery to alias addresses. When a PhishingBox Group has Direct Delivery enabled, campaigns will automatically attempt to send simulated phishing and training emails via Direct Delivery to the targets within that Group.
Direct Delivery can be configured at the Account (Mail Settings) or Group level (Create / Edit Group). Use the links below to jump to a section:
Mail Settings
When a PhishingBox account has Direct Delivery enabled, you’ll have the option to activate it in the Campaign Wizard on the Review Tab. This allows you to send simulated phishing and training emails to the account's targets using Direct Delivery.
To enable Direct Delivery, navigate to Administration > Settings > Mail Settings > Direct Delivery tab and click the "Enable Direct Delivery" button. The following permissions will be requested:
- Read all users' full profiles
- Read mail in all mailboxes
- Read and write mail in all mailboxes
- Sign in and read user profile
NOTE: These permissions grant access to read, modify or delete emails. Direct Delivery will never interface with inboxes to read, modify or delete emails. These permissions are only used to deliver mail to inboxes.
Click the "Accept" button to grant these permissions. To disable Direct Delivery, click the "Disable Direct Delivery" button.
Create / Edit Group
When a PhishingBox group has Direct Delivery enabled, campaigns will automatically use Direct Delivery to send simulated phishing and training emails to the group’s targets, regardless of the toggle option on the final screen of campaign creation.
NOTE: It's possible to enable Direct Delivery for the entire account instead of a specific group. See the Direct Delivery Section of our Mail Settings article.
To enable Direct Delivery for a group, navigate to Targets / Groups > Edit Group > Direct Delivery Tab and click the "Enable Direct Delivery" button. The following permissions will be requested:
- Read all users' full profiles
- Read mail in all mailboxes
- Read and write mail in all mailboxes
- Sign in and read user profile
NOTE: These permissions grant access to read, modify or delete emails. Direct Delivery will never interface with inboxes to read, modify or delete emails. These permissions are only used to deliver mail to inboxes.
Click the "Accept" button to grant these permissions. To disable Direct Delivery, click the "Disable Direct Delivery" button:
Comments
0 comments
Please sign in to leave a comment.