How do Cloud providers deal with outbound spam?
When Amazon Web Services (AWS) used a live webcast to announce their new DynamoDB system, with Urz Wendler looking just shy of Steve Jobs (although a few pounds heavier), I knew that the cloud had finally arrived. One of the new buzz words surrounding the cloud (there are many) is IaaS, which stands for "Infrastructure as a Service". Amazon Web Services was perhaps the first IaaS provider. Among them, VPS.net and RackSpace were early entrants. But as the market matures, an increasing number of companies now provide an IaaS, including HP, who relatively recently launched the HP Cloud. Why so many providers? Shouldn't there be consolidation in the IaaS space as it matures?
No, there shouldn't be consolidation yet, and this is all thanks to the widespread availability of excellent, open source IaaS offerings like Cloud.com and OpenStack, as well as commercial offerings from companies like VMWare and even startups like OnApp, whose own system powers the massive VPS.net IaaS. These IaaS packages make it easy for someone to set up their own IaaS, in much the same way that Zimbra made it easy for anyone to start offering a great hosted email service.
Of course, as more public IaaS clouds sprout up, we're seeing more inquiries from IaaS providers who are looking for a way to combat spam and other forms of abuse originating within their newly minted IaaS clouds. Because it's so easy to set up new virtual servers and other resources with a cloud environment, public IaaS cloud operators are besieged by bad guys, who use fraudulent means to open new accounts, set up spamming boxes (and other bad things like click fraud, child porn hosting, etc.) and begin blasting away at the good reputation of the IaaS provider.
As we see these IaaS services mature, I'm confident we will also see increased demand for services and products to combat fraud within the cloud. And, of course, I look forward to helping these companies with that problem.