"A statement of the security measures and mechanisms you will be implementing" AWS (Unblock port 25)

Question

I tried to unblock port 25 on my ec2 instance so I could send emails and I was asked to provide this:

A statement of the security measures and mechanisms you will be implementing to avoid being implicated in the sending of unwanted mail (Spam)

What does this mean, like what is an example of those security measures? I have no idea what I'm supposed to respond to with that. All I plan on doing is sending emails to verify email accounts and change passwords for user accounts on my website.

Answer 1

AWS actually restricts access to this port for security reasons. The suggestion is try using another port if you can (for example SES works over port 587 as well).

You can however request that this restriction is removed, to do this you will need to do the following steps:

First, create a corresponding DNS A record:

• If you're using Amazon Route 53 as your DNS service, either create a new resource record set that includes an A record, or update your existing resource record set to include a new A record.
• If you're using a service other than Amazon Route 53, ask your DNS provider to create an A record for you.

Then, request AWS to remove the port 25 restriction on your instance:

1. Sign in with your AWS account, and open the Request to Remove Email Sending Limitations form.
2. In the Use Case Description field, provide a description of your use case.
3. (Optional) Provide the AWS-owned Elastic IP addresses that you use to send outbound emails as well as any reverse DNS records that AWS needs to associate with the Elastic IP addresses. With this information, AWS can reduce the occurrences of emails sent from the Elastic IP addresses being marked as spam.
4. Choose Submit.