blueteamvillage / DC31-obsidian-sec-eng

MIT License

Feature request - Please create a mail server #102

Closed plugxor closed 1 year ago

plugxor commented 1 year ago

Background:

As part of our simulation, a mail server will be required. The server allows us to showcase some of the red team and insider activity. In addition, it allows creating side stories for our CTF.

Request for us to build

Please look into building a mail server as we did last year. The same setup should work for what we need:

- Mail server with no description (to collect clear text logs)
- Mail server logs should be sent to Splunk (and other SIEMs)
- The mail server should be set up in a network segment in which packets are captured that allows reading traffic. This is key for the simulation goals.
- Server should have email accounts for all the users listed under the cred sheet document

Obsidian team members will be responsible for the setup of the local Thunderbox email account. On this note, I'm not sure if Thunderbox is an application included in the workstation image. Please let me know whether to create a PR issue for this application request.

Last year's email server setup accomplished the same goals; reusing the code or refactoring may be the fastest way to get this working.

In the event the team has no cycles, I can handle this item. Just let me know so I can get started.

CRITERIA FOR SUCCESS

A working email server for our fictitious company employees. Packet capture is a must; participants need to be able to dig into the emails to uncover storylines and flags.

DRIs

@plugxor

CptOfEvilMinions commented 1 year ago

SecEng todos:

The instructions for setting up hMail are not in the repo from last year and I know it was not automated. SecEng thinks all this work will take a minimum of 8 story points (1 point = 1 hour).

CptOfEvilMinions commented 1 year ago

SecEng will not be responsible for this task - closing