I recently began to use this tool to perform tests on client sites as well as our office network. It is ridiculously simple even though all of the functions can be performed with a little research using the tools provided in BT2.

In terms of the Client Side Rapid Penetration Test, does anyone have a solution for getting Impact to send out your spoofed emails if the SMTP servers that are found in the client MX records turn out to (shockingly) not be relaying email anonymously? I think I may need to set up an SMTP server that I can bring up/take down when I plan to send out the Client Side attacks, but if there is another solution - I am all ears.

And I do realize this is a BT forum and not a Core Impact one. I felt it was applicable to the forum as tools in BT allow for email enumeration/spoofing emails. Offensive Security courses also highlight the use of Core Impact. I hope this last paragraph has successfully deferred any "take it to another forum" comments.