EC2 and GAE means end of ip address reputation industry? (Re: Intrustion attempts from Amazon EC2 IPs)
Steve Gibbard
scg at gibbard.org
Sun Jun 22 19:43:48 UTC 2008
On Sun, 22 Jun 2008, Paul Vixie wrote:
> it seems that amazon has succeeded where google and microsoft failed. with
> e-mail only services like hotmail and gmail, it was still possible to treat
> an IP address as having a reputation, and to therefore blackhole hotmail
> and gmail (and other free e-mail services) due to the spam emanating from
> them, even though they are shared IP addresses and also emit much non-spam
> traffic.
Even assuming Amazon will do as bad a job of policing EC2 as Paul suspects
they will, I'm not at all convinced that customers would miss EC2 more
than they'd miss mail from Hotmail or GMail.
Paul has said in the past that he refuses e-mail from the various free
webmail services. If that works for him, great, but I suspect the typical
e-mail service customer wouldn't consider the resulting spam savings worth
the potential downside. If I did that on my own servers, I'd probably
miss out on most of the e-mail I care most about receiving, since my
friends and relatives seem to like free webmail services. Given the
number of legitimate free webmail users out there, and the number of
people who like getting mail from them, I suspect any service provider who
tried to block them would end up with a lot of angry former customers.
Likewise, anybody blocking EC2 would miss out on whatever bad stuff might
be coming out of EC2, but would miss out on being able to access services
hosted there as well. Would they miss it more than they'd miss their
friends on GMail? That seems far from guaranteed.
So yeah, if big shared services that include important stuff aren't being
adequately policed, that's probably a problem for IP address reputation
services. But that's not really a new problem being introduced by EC2.
-Steve
More information about the NANOG
mailing list