Email templates serve as the foundation for your phishing simulation campaigns, containing the persuasive content and social engineering elements that will be delivered to recipients. These carefully crafted messages are designed to test user awareness and provide realistic scenarios for security training purposes.
Email template creation requires careful consideration of both technical compatibility and social engineering effectiveness. Ensure your email markup is optimized for the email clients your recipients commonly use, as rendering differences can impact campaign success and user engagement rates.
Setting | Description and Usage |
---|---|
Template Name | Descriptive identifier for organizing and managing email templates |
Envelope From | Technical sender address (Return-Path/MAIL FROM) used for email routing and delivery. Typically matches the From header for optimal deliverability. |
From Header | Display sender information shown to recipients. Format: "Display Name <[email protected]>" for enhanced credibility and personalization. |
Subject Line | Email subject displayed in recipient's inbox. Critical for open rates and social engineering effectiveness. |
Tracking Pixel | Automatically embeds the {{.Tracker}} variable for monitoring email open
events and recipient engagement tracking. |
Access the advanced content editor by clicking Editor
to reveal comprehensive design
and customization tools for creating compelling phishing simulation content:
Feature | Function and Benefits |
---|---|
File Import | Import existing HTML email templates or content from external sources for rapid deployment |
Live Preview | Split-screen editor with real-time preview that automatically updates as you modify content, ensuring accurate visual representation |
Variable Templates | Insert personalization variables for recipient-specific content, enhancing social engineering effectiveness and campaign realism |
Domain Selection | Choose specific domains for accurate link previews and URL structure testing during content development |
External Preview | Open full-screen preview in separate window for comprehensive email client testing and cross-platform compatibility verification |
Email attachments provide additional vectors for phishing simulation testing, enabling you to evaluate how recipients respond to potentially malicious files. These attachments can include documents, executables, or other file types that simulate real-world attack scenarios while maintaining a safe training environment.
Attachment creation enables you to deploy files that enhance your phishing simulation scenarios. These attachments can simulate malicious documents, software installers, or other file types commonly used in real-world attacks, providing comprehensive testing of recipient security awareness and response protocols.
Setting | Description and Usage |
---|---|
Attachment Name | Descriptive identifier for managing and organizing attachment files within your template library |
Description | Detailed information about the attachment's purpose, content, or intended usage scenario for team collaboration |
Dynamic Content | Enable processing of embedded template variables (e.g., {{.URL}} )
within plain-text file formats for personalized attachment content |
File Upload | Select single or multiple files for attachment creation. Bulk uploads automatically generate individual attachment entries for efficient management |
SMTP configurations provide traditional email delivery infrastructure for your phishing simulation campaigns. These configurations define the mail server settings, authentication credentials, and delivery parameters necessary for reliable email transmission to campaign recipients while maintaining proper email deliverability and sender reputation.
SMTP configuration setup enables reliable email delivery through traditional mail servers, providing control over sender reputation, delivery headers, and authentication methods. Proper configuration ensures optimal deliverability rates and maintains professional appearance for your simulation campaigns.
Setting | Description and Requirements |
---|---|
Configuration Name | Descriptive identifier for managing multiple SMTP server configurations |
SMTP Host | Mail server hostname or IP address for email transmission (e.g., smtp.gmail.com, mail.company.com) |
SMTP Port | Server port for email submission. Common ports: 587 (STARTTLS), 465 (SSL/TLS), 25 (standard) |
Username | Authentication username for SMTP server access and sender verification |
Password | Authentication password or application-specific token for secure server access |
TLS Validation | Certificate validation settings. Disable only for internal servers with self-signed certificates |
Custom SMTP headers enable advanced email delivery customization and integration with enterprise email systems. These headers can enhance deliverability, provide additional tracking capabilities, or meet specific organizational email policy requirements for your phishing simulation campaigns.
Add custom headers by specifying the header Key
and corresponding
Value
, then click Save
to apply the configuration. Common use cases include
organizational routing headers, priority settings, and compliance tracking requirements.
API Senders provide a modern alternative to traditional SMTP delivery, enabling integration with cloud email services, enterprise messaging platforms, and custom delivery systems. This approach offers enhanced scalability, detailed delivery analytics, and advanced features not available through conventional SMTP configurations.
API Senders enable you to deliver personalized phishing emails through external APIs by designing custom request structures and defining expected response patterns. This flexibility allows integration with services like SendGrid, Mailgun, Amazon SES, or custom organizational email APIs.
To utilize API delivery, select API Sender
during template creation and configure
the appropriate API endpoint and authentication settings for your chosen email service provider.
API Sender creation involves defining comprehensive request structures, authentication methods, and response validation criteria for reliable email delivery through external APIs. This configuration process ensures seamless integration with your chosen email service provider while maintaining full control over delivery parameters and error handling.
Setting | Description and Usage |
---|---|
Sender Name | Descriptive identifier for managing multiple API sender configurations |
API Endpoint URL | Complete URL for the email service API endpoint where delivery requests will be sent |
HTTP Method | HTTP request method (POST, PUT, etc.) required by the email service API specification |
API Authentication Key | Service API key or token, accessible as {{.APIKey}} variable in headers
and request body for secure authentication |
Request Headers | HTTP headers required by the API, including authentication, content-type, and custom service headers |
Request Payload | JSON or form-encoded request body structure containing email content, recipient information, and service-specific parameters |
Expected Status Code | HTTP response code indicating successful email submission (typically 200, 201, or 202) |
Response Header Validation | Optional header content validation for additional confirmation of successful API interaction |
Response Body Validation | Expected text or pattern in response body for comprehensive delivery confirmation |
Custom Field 1-4 | User-defined variables accessible as {{.CustomField1}} through
{{.CustomField4}} for additional template personalization and API parameter
customization |