On Mon, Jun 20, 2011 at 09:26:30AM -0400, Steve Richardson wrote:
Hi Jason,
On Mon, Jun 20, 2011 at 9:06 AM, Jason Baugher <jason@thebaughers.com> wrote:
Did everyone miss that the customer didn't request a /24, they requested a "/24s worth in even more dis-contiguous blocks". I can only think of one reason why a customer would specifically ask for that. They are concerned that they'll get blacklisted. They're hoping if they do, it will be a small block of many rather than one entire block.
When customers make strange requests without giving a good explanation, I have to assume they're up to something.
Jason
They provided an explanation, describing how the IPs were going to be used. Yes, part of it does have to do with being blocked, which *definitely* concerns me. One thing they do say is that they need several IPs per block to assign to their MTAs to handle such a large amount of email (3 to 5 million per day). Being primarily focused on layers 1 through 4, I don't have an incredible amount of experience with high volume email server configuration, so I have no idea if they are feeding me a line of BS or not.
I've worked at a company that did managed services (including the pipe and address range) of a "legitimate" bulk mailer[1], and the logic provided to you is "legit", as far as it goes -- that is to say, what they're saying is probably why they really want the space (whether it's a legitimate justification for the allocation of IP space as per current policies is a different matter). Basically, what your customer wants is to evade big e-mail providers' anti-spam measures. From their perspective, of course, I'm sure they think they're doing the "right thing", and the people they're delivering to really, really want this e-mail, and it's just the nasty e-mail provider getting in the way. As I understand it, a common technique at these big providers is to have reputation for IP addresses by spamminess, as an element of the overall determination of whether a particular e-mail is spam. If an address doesn't have a reputation (yet), then it's rate limited, to limit the damage that a new spammer can do before the e-mail provider gets feedback (from users) about whether the e-mail they're getting is spam or not. This reputation score (presumably) extends to the /24 (and probably, to a lesser extent, the WHOIS block, but I'm not as confident about that bit). What makes me think you're being scammed is that, for all the troubles we had with our customer, they never needed more address space once they'd gotten a good reputation for their initial allocation. Maybe my customer just didn't grow as much as yours did, so their spamcannon didn't need any more barrels. Still, I'm led to believe that once an IP address has good reputation, it should be effectively unlimited, so if they need more addresses it's because the current ones don't have real good rep...
My feeling is that (paraphrasing here) "we might get blocked occasionally" and "we need this many IPs on our MTAs because they can't handle the load" are *not* legitimate reasons for requesting so many addresses.
You are correct; as far as I know ARIN doesn't take those as valid justifications if you need to go back to them for more space, so you can't either. At this point they've admitted to you that they're shitting on your good name, and setting you up for headaches down the line (dealing with complaints from people who don't like their spam, having to clean up the IP addresses they discard when they're useless (or they leave). In techie utopia, you'd be able to sting them a fairly hefty surety to cover the costs associated with cleaning up their shit -- and then tell them that the IP addresses they've already got are enough, and if they need more capacity, they should clean up the addresses they've got. In reality, though, unless you've got management with a far more cavalier attitude to revenue than mine did, they won't do anything to piss off a customer who is, in their eyes, quite the cash cow. I'm mildly surprised that you got to evaluate their address request to the degree you have; I predict that any attempts to actually deny them more space (let alone extract additional compensation for their destruction of your resources) will be overridden by management. - Matt [1] I use scare quotes because as far as I'm concerned, if your business model is based on sending lots of e-mail, sooner or later you're going to be sending spam because that's what makes you the money. If you didn't personally collect the addresses, you're in for a world of hurt, and if you don't know that, you don't deserve to be in the business of bulk e-mail, and if you do know that, then at best you're a spammer-by-proxy. -- Q: Why do Marxists only drink herbal tea? A: Because proper tea is theft. -- Chris Suslowicz, in the Monastery