On Sat, May 24, 2008 at 12:13 PM, Kee Hinckley <nazgul@somewhere.com> wrote:
On May 24, 2008, at 3:24 AM, Colin Alston wrote:
You should not accept SMTP from the Amazon EC2 cloud at all. Amazon don't intend for anyone to use it as an email platform and tell their clients to use an external relay.
I'm sure this is good advice. But if an ISP used that as an excuse for not taking action, we'd hang them over hot coals. Is Amazon truly not policing the network for spammers?
not to excuse this, but... it's not a simple problem. The 'bad guy' rolls up to the website, orders 200 machines for 20 mins under the name 'xplosiveman' pays with some paypal/CC and runs his/her job. That job happens to create a bunch of email outbound. It could be a legitimate email service outsourcing their compute/bw needs to AWS, it could be 'pick-yer-bad-spammer' ... AWS really can't tell until after when the complaints roll in. :( I suppose they could say: "no tcp/25 outbound from AWS computer clusters", though that's probably a decent market in the real email-deliver-services :( Also, truly bad folk will just move to using proxies or other methods :( -Chris.