EC2 and GAE means end of ip address reputation industry? (Re: Intrustion attempts from Amazon EC2 IPs)

Patrick Giagnocavo patrick at
Mon Jun 23 13:50:06 UTC 2008

Paul Vixie wrote:

> my argument doesn't get that far, actually.  i think there will be no outages
> because recipients of abuse won't feel that they can afford to toss out the
> good with the bad in this particular case.  which is going to remind of me
> tom lehrer's quip, "feels like a christian scientist with appendicitis" once
> an EC2 customer instance gets infected with malware that then ddos's somebody.

What has been missing from this entire thread, is the input/experiences 
of those who are actually using EC2 to run their web sites.

If you look at places where people are actually running EC2 in either 
testing or production, you will find that they are concerned about 
legitimate email from their EC2 instances actually reaching their customers.

See for instance, the many EC2 threads on Paul Graham's "Hacker News" 
site at (best to use Google to search the 
site probably).

What I think would/should happen is that EC2 is never assumed to be a 
legitimate source of email; and any EC2 instance that sends email will 
instead be relaying through a non-EC2 mail server.



More information about the NANOG mailing list