[AusNOG] Controlling spam in IaaS environment

Andrew McN andrew at mcnaughty.com
Thu Dec 1 21:43:50 EST 2016


Do you really need to be providing a mail relay service yourself?  Do
you really want to restrict your customers to your chosen offering for that?

It's probably not practical to technically lock down what can be used
(especially given https submission of email).  Use of an outbound spam
filtering service could be a TOS requirement though.

Block outgoing port 25 without exception.  Your customers should
generally be submitting SMTP(S) mail to relays on port 587 or 465, or
using a service over https.

Mailchimp (including mandrill), Sendgrid, and Barracuda come to mind as
relay services you could suggest to customers, though that selection is
biased towards the sort of operations I'm involved in.

Andrew



On 01/12/16 14:17, Daniel Manzau wrote:
> Hi All,
> 
> 
> We're after a bit of advice as to what general best practice is in
> stopping (failing that, identifying) SPAM in IaaS/Hosting type environments.
> 
> 
> The way we see it there are two broad methods by which spammers can
> abuse this type of service:
> 
> 
> 1) Spammer creates a server which they then use as a spam source until they
> get shut down and kicked. Let's call this the SPAMY Customer
> 
> 2) Spammers exploit a legitimate customer's existing server and then use
> that exploit to deliver spam. Let's call this the SPAMY Exploit.
> 
> 
> There are quite a few strategies that stop the SPAMY Customer, like
> blocking outbound port 25 by default in their service profile. However,
> these methods don't stop the SPAMY Exploit.
> 
> 
> Is the best approach to cover off both scenarios a commercial
> appliance/service and if so, does anyone have any recommendation on a
> good value service provider solution for an IaaS type offering?
> 
> 
> Thanks
> Daniel
> 
> 
> 
> 
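
An added example, not part of the original thread: one way to identify a likely exploited instance once outbound port 25 is blocked, assuming the drop rule also logs each blocked packet in Linux netfilter LOG format. The log prefix SMTP25-DROP, the sample lines, the addresses and the threshold are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Linux netfilter LOG format. "SMTP25-DROP" is an
# assumed (hypothetical) log prefix on the rule that drops outbound port 25.
SAMPLE_LOG = """\
Dec  1 21:40:01 hv1 kernel: SMTP25-DROP: IN=vnet3 OUT=eth0 SRC=10.0.3.15 DST=203.0.113.25 LEN=60 PROTO=TCP SPT=51234 DPT=25 SYN
Dec  1 21:40:01 hv1 kernel: SMTP25-DROP: IN=vnet3 OUT=eth0 SRC=10.0.3.15 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=51236 DPT=25 SYN
Dec  1 21:40:02 hv1 kernel: SMTP25-DROP: IN=vnet3 OUT=eth0 SRC=10.0.3.15 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51240 DPT=25 SYN
Dec  1 21:40:02 hv1 kernel: SMTP25-DROP: IN=vnet3 OUT=eth0 SRC=10.0.3.15 DST=198.51.100.99 LEN=60 PROTO=TCP SPT=51242 DPT=25 SYN
Dec  1 21:40:03 hv1 kernel: SMTP25-DROP: IN=vnet3 OUT=eth0 SRC=10.0.3.15 DST=203.0.113.25 LEN=60 PROTO=TCP SPT=51250 DPT=25 SYN
Dec  1 21:41:10 hv1 kernel: SMTP25-DROP: IN=vnet9 OUT=eth0 SRC=10.0.7.22 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40100 DPT=25 SYN
Dec  1 21:46:10 hv1 kernel: SMTP25-DROP: IN=vnet9 OUT=eth0 SRC=10.0.7.22 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40188 DPT=25 SYN
Dec  1 21:47:00 hv1 kernel: device vnet12 entered promiscuous mode
"""

LINE_RE = re.compile(
    r"SMTP25-DROP: .*?\bSRC=(\S+) DST=(\S+) .*?\bPROTO=TCP\b.*?\bDPT=(\d+)\b"
)


def summarise(log_text):
    """Return {src_ip: (attempts, distinct_destinations)} for dropped port-25 traffic."""
    attempts = defaultdict(int)
    dests = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group(3) != "25":
            continue  # unrelated kernel line, or not destined for port 25
        src, dst = m.group(1), m.group(2)
        attempts[src] += 1
        dests[src].add(dst)
    return {src: (attempts[src], len(dests[src])) for src in attempts}


def flag_instances(log_text, min_destinations=3):
    """Heuristic: an instance trying many distinct mail hosts on port 25 is worth
    investigating; one repeated destination is more often a misconfigured client."""
    stats = summarise(log_text)
    return sorted(src for src, (_, n) in stats.items() if n >= min_destinations)


if __name__ == "__main__":
    stats = summarise(SAMPLE_LOG)
    for src in flag_instances(SAMPLE_LOG):
        print(f"{src}: {stats[src][0]} blocked attempts to {stats[src][1]} destinations")
```

This only sees traffic the port 25 block catches; mail an exploited server submits through a relay on 587, 465 or https does not appear in these logs.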

