I've had the following in my fqrdns.pcre checks for quite awhile:
/^ec2(-[12]?[0-9]{1,2}){4}\.compute-[0-9]\.amazonaws\.com$/ REJECT Generic -
Please relay via ISP (amazonaws.com)
And I have noticed that I frequently get a series of 50 or more connection
attempts from some aws server out there in a burst (50+ connections in a few
minutes).
Fine, everything is working as it should with my settings, the connection is
dropped right away (although the REJECT is not logged).
Am I right in blocking these connections? Is there any reason for an aws server
to be sending mail directly that I am overlooking?
(the fqrdns.pcre file is a file I downloaded several years back and have made
occasional modifications too, so I am not sure if this was something I added or
part of the original file, though I suspect the latter)
--
And what rough beast, its hour come round at last,
Slouches towards Bethlehem to be born?
