To whom it may concern,
We have a number of software vendor that rely on Amazon AWS as their network infrastructure. Because of this, they are using Amazon outgoing SMTP to send out reports, notification and updates. What is the best practise to allow incoming email without running into issue with SFP and prefer not to whitelist the entire Amazon SMTP server farm.
The From portion would show "firstname.lastname@example.org". This character before the @ sign would change for every email received. At this time, we whitelisted amazonses.com to prevent SPF or barracuda from blocking the email. But this is not preferred because of a recent SPAM attack, in which one users was targeted. The user mailbox was flooded with various mailing list request, I created a recipient quarantine rule on my Barracuda gateway. It successfully block majority of DDOS, except for the source is from Amazon, which was whitelisted.
Any advice or suggestions is greatly appreciated.