The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return...
to the main page.
Viruses that spread via e-mail used to rely on the infected machine's default mail gateway to propagate messages. As e-mail server creators and administrators have improved security, malware authors have changed tactics and often simply create their own mini e-mail servers on infected machines to distribute messages.
In a corporate network environment, it should be fairly easy to identify the authorized e-mail servers. To protect your network from rogue mail servers spreading viruses, you should block outbound traffic on TCP port 25, the default SMTP port, except from the known SMTP gateways at the router level, or use Group Policy on a Windows domain to block outbound traffic on TCP port 25 at the individual system level.
Click for the next tip in this series: Manage patch deployment