Ensure that Google Cloud VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 25 in order to reduce the risk of common security threats for the SMTP server instances associated with these firewall rules. TCP port 25 is used by Simple Mail Transfer Protocol (SMTP) servers for email transmission.
Allowing unrestricted inbound/ingress access on TCP port 25 (SMTP) using VPC network firewall rules can increase opportunities for malicious activities such as hacking, spamming, Shellshock and Distributed Denial-of-Service (DDoS) attacks.
To determine if your Google Cloud VPC firewall rules allow unrestricted access on TCP port 25, perform the following operations:
Remediation / Resolution
To update your VPC network firewall rules configuration in order to restrict Simple Mail Transfer Protocol (SMTP) access to trusted, authorized IP addresses or IP ranges only, perform the following operations:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Check for Unrestricted SMTP Access
Risk level: High