Yawn. Old man yells at cloud (literally). So he's taking his little netblock ball and going home because of some failed purity tests: bad or nonexistent PTRs, excessive ICMP, oh my! The gentleman's agreements that held together the early internet and web and the unwritten practices like that are long gone, get with the times, there ain't any going back to how it was. Otherwise, feel free to disconnect entirely if you don't want to deal with the new reality.
I'm going to going out on a limb and guess that all of this traffic that isn't related directly to AWS, but its customers. You can set PTRs for your allocated elastic IPs with a request to support. But then again nobody is going to do it because... it doesn't matter. It may have mattered when you were hosting with a block that you actually truly owned, before the ICANN times, but no more. No one cares. Everything is ephemeral, so why should the reverse matter when things get cycled through addresses multiple times per day? If you're seeing excessive anything, then it's probably time to reach out to the abuse contact published in the whois. Let me help you with that:
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Use modern features built in to modern versions of common packages and products: rate limiting, redirects, filters, and on and on. If you're just blocking to block to make some sort of statement into the void, you're just hastening that balkanization.
AWS doesn't mess around with abuse reports either. If you send a report and it checks out, they're opening a case with the customer in question telling them to explain themselves.
I ended up blocking Amazon SES because I was receiving hundreds of obviously spam emails across all my inboxes every day for weeks. I dutifully sent multiple reports of this obvious spam to the listed spam/abuse contacts for Amazon SES.
The end result of my efforts was:
1) No feedback at all from my reports to Amazon - not even an acknowledgement that my report had been received
2) The spam continued unabated for weeks until I finally had enough and just blocked the entire Amazon SES service
That was a few years ago and maybe they are more responsive now. They sure as hell weren't responsive back then.
I'm going to going out on a limb and guess that all of this traffic that isn't related directly to AWS, but its customers. You can set PTRs for your allocated elastic IPs with a request to support. But then again nobody is going to do it because... it doesn't matter. It may have mattered when you were hosting with a block that you actually truly owned, before the ICANN times, but no more. No one cares. Everything is ephemeral, so why should the reverse matter when things get cycled through addresses multiple times per day? If you're seeing excessive anything, then it's probably time to reach out to the abuse contact published in the whois. Let me help you with that:
Use modern features built in to modern versions of common packages and products: rate limiting, redirects, filters, and on and on. If you're just blocking to block to make some sort of statement into the void, you're just hastening that balkanization.