IP Whitelisting for SMTP integration

0

The SMTP server is configured by the client and it is public-facing. The client configured SMTP in Azure Cloud. This SMTP server needs to be integrated with our AWS Lambda function, which resides in a private subnet and is attached to a NAT Gateway. We need to provide an IP to be whitelisted in the SMTP server firewall for our AWS Lambda function. Can you please let us know if whitelisting of the Public IP (Elastic IP) of the NAT gateway will only work for connection establishment between the SMTP server and the AWS Lambda function?

Thanks in advance

user1016767

Posted 2019-04-04T09:07:50.263

Reputation: 1

What does the word only mean, here? "will only work for connection establishment" "Only" implies the exclusion of other things, but there are no mentions of other things, that I can see. Are you concerned that this configuration would allow other things that should not be allowed? – Michael - sqlbot – 2019-04-04T15:27:57.777

"Only" implies that no further whitelisting is required, like whitelisting of the private subnet which is attached to the Lambda. Whitelisting of the NAT gateway IP would be enough for connection establishment between AWS Lambda and the SMTP server? – user1016767 – 2019-04-04T18:47:49.727

Answers

0

Yes, whitelisting the Elastic IP address (EIP) of your NAT Gateway(s) is all that is necessary for an external service to allow access from anything within the VPC that uses the NAT Gateway for Internet access.

All traffic passing through a NAT Gateway uses the gateway's IP, because the NAT Gateway replaces any private internal IP address with its own, on the way out (to the Internet) and reverses the process (using a mapping table that it maintains) on the way back in (from the Internet).

Michael - sqlbot

Posted 2019-04-04T09:07:50.263

Reputation: 1 103
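An added example, not part of the original answer: one way to work out which NAT Gateway Elastic IPs to hand to the SMTP server's firewall owner, given the subnets the Lambda function is attached to. It assumes the inputs have the shape of the EC2 DescribeRouteTables and DescribeNatGateways responses, already filtered to the function's VPC; the function names and all IDs and addresses are constructed for illustration.

```python
# Added example. Inputs follow the EC2 DescribeRouteTables and
# DescribeNatGateways response shapes, filtered to the Lambda's VPC.
# All IDs and addresses below are constructed sample values.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-a"}]},
    {"RouteTableId": "rtb-b", "Associations": [{"SubnetId": "subnet-b", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-b"}]},
    {"RouteTableId": "rtb-c", "Associations": [{"SubnetId": "subnet-c", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
NAT_GATEWAYS = [
    {"NatGatewayId": "nat-a", "State": "available",
     "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]},
    {"NatGatewayId": "nat-b", "State": "available",
     "NatGatewayAddresses": [{"PublicIp": "203.0.113.20"}]},
]

def default_route(subnet_id, route_tables):
    """Return the 0.0.0.0/0 route that applies to subnet_id, or None."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    table = explicit or main  # unassociated subnets use the VPC's main table
    routes = table.get("Routes", []) if table else []
    return next((r for r in routes
                 if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)

def egress_ips(subnet_ids, route_tables, nat_gateways):
    """Return (sorted NAT public IPs to allowlist, subnets with no NAT route)."""
    public_ip = {n["NatGatewayId"]: [a["PublicIp"]
                                     for a in n.get("NatGatewayAddresses", [])
                                     if "PublicIp" in a]
                 for n in nat_gateways if n.get("State") == "available"}
    ips, no_nat = set(), []
    for subnet in subnet_ids:
        nat_id = (default_route(subnet, route_tables) or {}).get("NatGatewayId")
        if nat_id in public_ip:
            ips.update(public_ip[nat_id])
        else:
            no_nat.append(subnet)  # traffic from here will not leave via a NAT EIP
    return sorted(ips), no_nat
```

When the function's subnets route through different NAT Gateways, as in the sample data, every returned address has to be on the allowlist; a subnet reported in the second list has no NAT route to the Internet at all.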