The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to the main page.
Viruses that spread via e-mail used to rely on the infected machine's default mail gateway to propagate messages. As e-mail server creators and administrators have improved security, malware authors have changed tactics and often simply create their own mini e-mail servers on infected machines to distribute messages.
In a corporate network environment, it should be fairly easy to identify the authorized e-mail servers. To protect your network from rogue mail servers spreading viruses, you should block outbound traffic on TCP port 25, the default SMTP port, except from the known SMTP gateways at the router level, or use Group Policy on a Windows domain to block outbound traffic on TCP port 25 at the individual system level.
Click for the next tip in this series: Manage patch deployment