From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
Subject: Re: amazonaws.com?
[[.. sneck ..]]
With respect, in such cases, amazon is better off firewalling outbound
port 25 (or indeed, outbound anything at all) for accounts that dont
specifically ask for it. Quite a lot of EC2 compute time is for
number crunching and such - not just hosting, or email, or ..
I'm hard-pressed to think of a single letigimate use for a _compute_ cluster
that requires outgoing access to more than a handful (i.e. an _itemizable_
list) of machines.
Am I missing something obvious?
If not, such a "block all outgoing, except for listed exceptions" policy
could be 'trivially' implemented with an extra list field on the sign-up
form, coupled with automated transformation into firewall rules.