Network misconfigurations

Ensure Azure network security group doesn’t allow unrestricted SMTP traffic from the Internet

Compliance Frameworks


A network security group contains security rules that allow or deny inbound network traffic to unrestricted SMTP (port 25) traffic from the Internet, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol. You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network