Evil Amazon Hardware?

Had an instance of an Amazon Firestick attempting to send a bunch of email on TCP25. (the device could have been using TCP25 for other traffic as this port is rarely blocked) The email header didn’t match and just had a bunch of jibberish in it. Eventually we got put on multiple blacklists because of this traffic, and couldn’t send emails from devices onsite (backup reports, security system)

This is a good reason to be monitoring blacklists with a service such as hetrixtools.com even if you are not running an email server onsite.

Followup: found out later the user had ‘modified’ this device to get news feeds without a subscription

sduncan