nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Suggestions for a more privacy conscious email provider

From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Mon, 04 Dec 2017 07:09:31 -0700
On Monday, 4 December, 2017 04:20, Edwin Pers <EPers () ansencorp com> wrote:


As an anecdotal aside, approx. 70% of incoming portscanners/rdp
bots/ssh bots/etc that hit the firewalls at my sites are coming from
AWS.



I used to send abuse emails but eventually gave up after receiving
nothing beyond "well, aws ip's are dynamic/shared so we can't help
you"


I tried, once upon a time, to run my private SMTP server as an AWS machine.  What a disaster, even with a rubber band 
IP or whatever it is they call a static IP assignment.  Tried sending through SES and that was just as bad.  Moved it 
to a Linode and set up the appropriate DNS including the rDNS delegations and it has been perfectly fine (both on IPv4 
and IPv6).  I do recall having to do something to get it to initially work (maybe Linode does some outbound blocking of 
port 25 -- I don't remember exactly as it was several years ago).

I know of a couple of other folks that run SMTP on Linodes and a couple of big mailing lists as well, all of which seem 
to work with no problems.  Never had any problems with any listings on any of several hundred DNSbl either.

Plus of course it is a pretty cheap way to get a reliable server (albeit virtual) on decently connected and configured 
infrastructure.


-----Original Message-----
From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Rich
Kulawiec
Sent: Monday, December 4, 2017 2:27 AM
To: nanog () nanog org
Subject: Re: Suggestions for a more privacy conscious email provider

On Sun, Dec 03, 2017 at 05:08:33PM +0000, Filip Hruska wrote:

I personally run my own mail server, but route outgoing emails via

Amazon

SES.


Not a good idea.  Amazon's cloud operations are a constant source of
spam and abuse (e.g., brute-force SSH attacks), they refuse to accept
complaints per RFC 2142, and -- apparently -- they simply don't care
to
do anything about it.  I've had SES blacklisted in my MTA for years
(among
other preventative measures) and highly recommend to others.

---rsk


---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
Previous By Date Next
Previous By Thread Next

Current thread: