Google AppEngine blocked by MailChimp because of security issues

[Richard Druce]

We noticed some of our posts to MailChimp from AppEngine were being returned with 403 error messages and access denied. We followed up with MailChimp who said the IP addresses were blocked permanently because they had been detected running running head scans of their network. 

What controls does Appengine Have in place to prevent this kind of thing and is there anything we can do apart from migrate of Appengine to use external services? Can Appengine stop re-using the offending IP addresses?  

[Kaan Soral]

I think a virtual_ip feature might be nice for these kind of problems, you could buy IP's, and add them as an argument to .fetch calls like .fetch(virtual_ip="1.2.3.4") etc. - As a lot of people are experiencing similar issues, mainly while fetching url's

Other than this idea, let's hope they can fix your issue

[Paul Davies]

Did you ever resolve this? I am running into this now

[Richard Druce]

Hi Paul,

No we didn't. There are a number of 'hacks' out there which involve setting up a clean IP and proxy-ing requests through that but none of these are particularly satisfactory given the promise of Appengine being platform as a service. If I find myself having to set up proxies then the value of the service is greatly diminished. 

Cheers,
Richard