Ensure that Google Cloud VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 25 in order to reduce the risk of common security threats for the SMTP server instances associated with these firewall rules. TCP port 25 is used by Simple Mail Transfer Protocol (SMTP) servers for email transmission.
Allowing unrestricted inbound/ingress access on TCP port 25 (SMTP) using VPC network firewall rules can increase opportunities for malicious activities such as hacking, spamming, Shellshock and Distributed Denial-of-Service (DDoS) attacks.
To determine if your Google Cloud VPC firewall rules allow unrestricted access on TCP port 25, perform the following operations:
Remediation / Resolution
To update your VPC network firewall rules configuration in order to restrict Simple Mail Transfer Protocol (SMTP) access to trusted, authorized IP addresses or IP ranges only, perform the following operations:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
Get started for FREE
You are auditing:
Check for Unrestricted SMTP Access
Risk level: High