Email Flow

Emails sent via the Gophish interface will immediately connect to an internal Postfix server listening on port 25. The server has been configured to accept any message, strip off identifiable headers and forward anything it receives to the Rspamd server.

Rspamd accepts the email message and applies a legitimate DKIM signature before forging an ARC header. All keys and public domain records should have been automatically configured during initialisation, and everything should work out of the box.

Warning — recently registered SendGrid API keys no longer permit sending from non-approved domains. Older API keys are still able to exploit the SendGrid platform.

There are two paths the email can take. It can be sent directly from your domain or via Sendgrid.

If direct sending has been configured, then IP reputation will likely flag your emails as spam on some receiving email providers. However, if sent via Sendgrid, then the email will adopt the reputation of Sendgrid, which by default is remarkably high.

Unfortunately, your email will lose some ARC integrity headers and signatures, but we've not seen them adopted outside of Google providers. Email delivery is a careful balance between how reputable you require your IP address to be and whether you abuse Sendgrid's API and its lack of domain ownership checks.