[liberationtech] Installation free end-to-end encryption: Asking for public review / opinion / suggestion
Rich Kulawiec
rsk at gsp.org
Thu Mar 28 04:30:35 PDT 2013
On Thu, Mar 28, 2013 at 10:48:17AM +0100, Simon Rothe wrote:
> - fast and secure hosted by Amazon-Web-Service
I wouldn't.
(a) Nobody with any clue accepts SMTP traffic from Amazon's cloud,
as it's proven itself to be a massive source of spam and other forms of
SMTP-borne abuse. Attempts to get Amazon personnel to deal with this
in a prompt, professional manner have failed. Therefore it's now a
best practice to deny incoming port 25 connections that originate in:
50.16.0.0/14
67.202.0.0/18
72.44.32.0/19
75.101.128.0/17
174.129.0.0/16
79.125.0.0/18
and/or which have rDNS that resolves to hosts in the subdomains
compute-1.amazonaws.com or compute.amazonaws.com.
(b) The assertion that Amazon's cloud is secure has no proof. Nor will
it have proof anytime soon -- which is not an Amazon-specific problem,
but a general problem with all cloud computing services.
---rsk
More information about the liberationtech
mailing list