Network misconfigurations

Ensure Azure network security group doesn’t allow unrestricted SMTP traffic from the Internet

Platform(s)
Compliance Frameworks

Description

A network security group contains security rules that allow or deny inbound network traffic to unrestricted SMTP (port 25) traffic from the Internet, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol. You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network

  • Recommended Mitigation

    Configure security group rules to allow incoming SMTP traffic from allowed IP addresses only.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.