Why you don't want to host your MTA machine in the cloud

April 19, 2010

So one recent tidbit of news from Slashdot is that people are shocked, utterly shocked that some bad people are using EC2 to host machines that do bad stuff and that Amazon is surprisingly ineffective about stopping this.

Well, yes. Hello, here is a newsflash: cheap or free hosting (it's free if you use other people's credit card numbers) attracts bad people like flies to honey, and people operating cheap services rarely (by which I mean 'never') staff up their abuse department adequately. Even if they do, the abuse department is all post facto action and generally ineffective; for every bad person they squash, there's three more than show up tomorrow. This is true not just for Amazon's EC2, it is true for any cloud computing system, because they all have the same problem.

(This is happening to EC2 most visibly probably because it is the largest, most popular, best, and easiest to start using. Expect similar stories about everyone else's clouds too.)

Also, much like file sharing services, they cannot magically fix the problem and stay in business. The very things that make them attractive and useful make them abuseable. If you can easily open an account and spin up some instances, so can a spammer or a cracker. If your instance can send out email and make outgoing connections, so can theirs.

Thus, my long term prediction is that you do not want to host an MTA machine in the cloud (any cloud), or at least you want to have a plan for getting a dedicated machine with dedicated (and clean) IP addresses when your cloud-hosted MTA starts getting blocked simply because it has a cloud IP address. Because I really do think that over the long term, much of the cloud vendor IP address space is inevitably going to wind up in blacklists.

(Perhaps cloud vendors will start trying to get around this by offering a separate 'clean' section of IP address space for their proven, long-term customers.)

Written on 19 April 2010.
« I think it's time to turn off automatic periodic ext3 fscks
Standard format Unix errors in Python programs »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Mon Apr 19 01:41:53 2010
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.