nanog mailing list archives
Re: Suggestions for a more privacy conscious email provider
From: Filip Hruska <fhr () fhrnet eu>
Date: Mon, 4 Dec 2017 17:59:30 +0000
AWS is probably the biggest cloud provider in the world. Of course the majority of junk is going to be coming from their network,
simply because they are that big.Hovever, I really wanted to see what the bot statistics for my mail server were so I scanned my `Postfix` and `secure` log files for "access denied" entries.
In the past 10 hours, there were: * 573 Postfix SASL Auth Failed entries from 106 different IPs * 1479 SSH Auth Failed attempts from 13 different IPsI see lots of OVH, Azure, home/business connection providers (TELSTRA Australia, lot of Asian stuff, Telefonica, Vodafone, Verizon...), some random cloud/dedicated server provider here and there... but not a single Amazon IP - which surprised me quite a bit actually.
For reference, this server is with OVH in France and does not have fail2ban installed. Postfix has connection rate limiting enabled though.
On another note, I wouldn't recommend blatantly blacklisting anyone, especially not large service/platform/infrastructure providers. Many businesses (such as e-shops) rely completely on AWS (or other cloud) infrastructure. If you don't receive emails containing order details or invoices because you completely blacklisted them... well, that's your problem.
If your server is setup correctly, those bots are completely harmless and spamassassin will destroy 99.9% of spam emails, which I call success. The other 0.1% that goes through (that one email a week) I can delete manually.
Regards -- Filip Hruska Linux System Administrator Dne 12/4/17 v 12:19 Edwin Pers napsal(a):
As an anecdotal aside, approx. 70% of incoming portscanners/rdp bots/ssh bots/etc that hit the firewalls at my sites are coming from AWS. I used to send abuse emails but eventually gave up after receiving nothing beyond "well, aws ip's are dynamic/shared so we can't help you" -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Rich Kulawiec Sent: Monday, December 4, 2017 2:27 AM To: nanog () nanog org Subject: Re: Suggestions for a more privacy conscious email provider On Sun, Dec 03, 2017 at 05:08:33PM +0000, Filip Hruska wrote:I personally run my own mail server, but route outgoing emails via Amazon SES.Not a good idea. Amazon's cloud operations are a constant source of spam and abuse (e.g., brute-force SSH attacks), they refuse to accept complaints per RFC 2142, and -- apparently -- they simply don't care to do anything about it. I've had SES blacklisted in my MTA for years (among other preventative measures) and highly recommend to others. ---rsk
Current thread:
- Re: Suggestions for a more privacy conscious email provider, (continued)
- Re: Suggestions for a more privacy conscious email provider Paul Ferguson (Dec 02)
- Re: Suggestions for a more privacy conscious email provider Jean | ddostest.me via NANOG (Dec 03)
- Re: Suggestions for a more privacy conscious email provider Filip Hruska (Dec 03)
- Re: Suggestions for a more privacy conscious email provider Grant Taylor via NANOG (Dec 03)
- Re: Suggestions for a more privacy conscious email provider Royce Williams (Dec 03)
- Re: Suggestions for a more privacy conscious email provider Grant Taylor via NANOG (Dec 03)
- Re: Suggestions for a more privacy conscious email provider Paul Ferguson (Dec 02)
- Re: Suggestions for a more privacy conscious email provider Rich Kulawiec (Dec 03)
- RE: Suggestions for a more privacy conscious email provider Edwin Pers (Dec 04)
- RE: Suggestions for a more privacy conscious email provider Keith Medcalf (Dec 04)
- Re: Suggestions for a more privacy conscious email provider Rich Kulawiec (Dec 04)
- Re: Suggestions for a more privacy conscious email provider Filip Hruska (Dec 04)
- Re: Suggestions for a more privacy conscious email provider Rich Kulawiec (Dec 04)
- Re: Suggestions for a more privacy conscious email provider Eric Tykwinski (Dec 04)
- Re: Suggestions for a more privacy conscious email provider Rich Kulawiec (Dec 05)
- Novice sysadmins (was: Suggestions for a more privacy conscious email provider) Stephen Satchell (Dec 05)
- Re: Novice sysadmins (was: Suggestions for a more privacy conscious email provider) Harald Koch (Dec 05)
- Re: Novice sysadmins Michael Thomas (Dec 05)
- Re: Novice sysadmins Grant Taylor via NANOG (Dec 05)
- Re: Novice sysadmins Sam Oduor (Dec 05)
- Re: Novice sysadmins Miles Fidelman (Dec 05)
- Re: Novice sysadmins Tim Pozar (Dec 05)