On Wed, Dec 06, 2017 at 12:29:30PM -0500, Gordon Ewasiuk via NANOG wrote:
and an online form where you can report EC2 abusers: https://aws.amazon.com/forms/report-abuse
1. Used it (and the abuse@ address). Either (a) no response and/or (b) boilerplate response. No responses indicating that reports were read and understood by a human. No responses indicating any action taken, whether reactive or proactive. No apparent change in observed attacks/abuse. 2. Y'know, if I can see attacks/abuse arriving at networks/systems that I run, then surely they can see it leaving networks/systems that they run. The same data is available to them as is available to me, and I have absolutely no trouble noticing it. Why don't they see it and do something about it even before I (or anybody else) has the chance to report it? Better yet, why not study the large-scale patterns over time and proactively address it? (In fairness, the SMTP rate-limit described inter alia is exactly the sort of thing that would be part of this, and it's good that they're doing that.) ---rsk