Amazon Web Services

Amazon Web Services

The Amazon Web Services (AWS) is a cloud computing platform that has datacenters in various locations around the world and provides various web services such as Elastic Compute Cloud (EC2) in which you can use it to instantiate e-mail services.

The administrator of email server on EC2 should stick to some important observations about the correct settings for that emails sent by it will widely accepted by all email providers.

 

Dynamic IPv4 allocation for EC2

 

All EC2 uses by default dynamic IPv4 allocation. AWS allocates a new random IPv4 each time an EC2 is started. It is possible to verify the dynamic character of the EC2 IPv4 blocks through the WHOIS system:

 

NetRange: 75.101.128.0 - 75.101.255.255
CIDR: 75.101.128.0/17
NetName: AMAZON-EC2-4
NetHandle: NET-75-101-128-0-1
Parent: NET75 (NET-75-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon.com, Inc. (AMAZO-4)
RegDate: 2008-02-06
Updated: 2014-09-03
Comment: The activity you have detected originates from a
Comment: dynamic hosting environment.
Comment: For fastest response, please submit abuse reports at
Comment: http://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse
Comment: For more information regarding EC2 see:
Comment: http://ec2.amazonaws.com/

 

It is possible to determine if an IPv4 allocated to EC2 is dynamic if the rDNS of it is with any of these patterns:

 

  • ec2-#-#-#-#.ap-northeast-#.compute.amazonaws.com
  • ec2-#-#-#-#.ap-south-#.compute.amazonaws.com
  • ec2-#-#-#-#.ap-southeast-#.compute.amazonaws.com
  • ec2-#-#-#-#.ca-central-#.compute.amazonaws.com
  • ec2-#-#-#-#.compute-#.amazonaws.com
  • ec2-#-#-#-#.eu-central-#.compute.amazonaws.com
  • ec2-#-#-#-#.eu-west-#.compute.amazonaws.com
  • ec2-#-#-#-#.sa-east-#.compute.amazonaws.com
  • ec2-#-#-#-#.us-east-#.compute.amazonaws.com
  • ec2-#-#-#-#.us-gov-west-#.compute.amazonaws.com
  • ec2-#-#-#-#.us-west-#.compute.amazonaws.com

 

The AWS does not answer rDNS requests for EC2 for dynamic IPv4. The AWS attends this type of request only for static allocation of IPv4 that, at nomenclature of the AWS, is called Elastic IP.

 

Static IPv4 allocation for EC2

 

The Elastic IP is the static version of IPv4 for EC2. For allocate an Elastic IP to an EC2, just go to the EC2 control panel and click on the “Elastic IPs” menu within the “NETWORK & SECURITY” submenu:

 

 

From the Elastic IP main screen, click on “Allocate new address” to get a new static IPv4 from AWS:

 

Obtained the new static IPv4, click “Actions” and “Associate address” then:

 

 

In the address association screen, select the desired EC2 instance and the static IPv4 that must be associated with it and press the “Associate” button:

 

 

If all the steps are successful, your EC2 will now respond for the new static IPv4:

It is important to remember that the old dynamic IPv4 will be disassociated from EC2 when the new Elastic IP is associated. Before performing this operation, be sure that this will not cause service interruption on EC2.

 

Configuration of rDNS for Elastic IP

 

Any e-mail server must have rDNS properly configured with the hostname of the machine. For request a custom rDNS to an Elastic IP just fill this form at AWS:

 

Configurable Reverse DNS for Amazon EC2’s Elastic IP Addresses

 

It is very important to remember that it is recommended that every e-mail server should have a valid FCrDNS and not just the rDNS configured.

 

Use of dynamic IPv4 on EC2

 

The dynamic IPv4 allocation should be avoided at all costs specifically on EC2 e-mail servers for the same reasons that should be avoided on any dynamic IPv4 machine of any other ISP.

 

Many spammers use EC2 with dynamic IPv4 to fire SPAM without any means of identifying it. When the IPv4 is listed in several RBLs, the spammer restarts the EC2 machine, receives a new IPv4, and repeats the process indefinitely. For this reason, our DNSBL has a much smaller tolerance when the IPv4 is dynamic allocation of EC2.

 

If you are using an EC2 for legitimate email sending, request an Elastic IP for your EC2 in order to avoid having your IPv4 listed because of the low tolerance of our DNSBL.

 

Dedicated email sender service

 

The Amazon Simple Email Service (Amazon SES) is a dedicated sender service from Amazon. If you do not want to deal with the complications of setting up your own EC2 e-mail server, consider hiring this service.

 

If you wish to maintain your own e-mail service with EC2, consider using this service only to send corporate messages and hire Amazon SES to send email marketing for you. You can use the Amazon SES API to integrate Amazon SES functionality directly with your applications.

 

If your EC2 is with Elastic IP, and you are not sending promotional material through this same IPv4, consider requesting the listing of this IPv4 in our DNSWL. This DNSWL listing may improve the deliverability of your messages.

 

 

External links

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS

https://aws.amazon.com/blogs/aws/reverse-dns-for-ec2s-elastic-ip-addresses/

Leandro Carlos Rodrigues

Bacharel em Ciência da Computação pela FEI

No Comments

Post a Comment

Comment
Name
Email
Website