AWS Security ChangesHomeSearch

AWS AWSEC2 medium security documentation change

Service: AWSEC2 · 2025-04-20 · Security-related medium

File: AWSEC2/latest/UserGuide/ec2-resource-limits.md

Summary

Clarified port 25 restrictions to explicitly block traffic to public IPv4/IPv6 addresses by default

Security assessment

Explicitly documents a security control (port 25 traffic blocking to public IPs) that could prevent unintended email traffic or abuse. The change clarifies existing security posture.

Diff

diff --git a/AWSEC2/latest/UserGuide/ec2-resource-limits.md b/AWSEC2/latest/UserGuide/ec2-resource-limits.md
index f91af6c5e..12a2d4874 100644
--- a//AWSEC2/latest/UserGuide/ec2-resource-limits.md
+++ b//AWSEC2/latest/UserGuide/ec2-resource-limits.md
@@ -61 +61 @@ For more information, including how to use the AWS CLI or SDKs to request a quot
-On all instances, Amazon EC2 restricts outbound traffic to public IP addresses over port 25 by default. You can request that this restriction be removed. For more information, see [How do I remove the restriction on port 25 from my Amazon EC2 instance or Lambda function?](https://repost.aws/knowledge-center/ec2-port-25-throttle)
+By default, Amazon EC2 allows outbound traffic over port 25 only to private IPv4 addresses. Traffic over port 25 is blocked to public IPv4 addresses and IPv6 addresses.
@@ -63 +63 @@ On all instances, Amazon EC2 restricts outbound traffic to public IP addresses o
-###### Note
+You can request that this restriction be removed. For more information, see [How do I remove the restriction on port 25 from my Amazon EC2 instance or Lambda function?](https://repost.aws/knowledge-center/ec2-port-25-throttle)
@@ -65 +65 @@ On all instances, Amazon EC2 restricts outbound traffic to public IP addresses o
-This restriction does not apply to outbound traffic sent over port 25 to:
+This restriction does not apply to outbound traffic over port 25 destined for: