Address Assignment Question

Matthew Palmer mpalmer at hezmatt.org
Mon Jun 20 10:03:26 CDT 2011


On Mon, Jun 20, 2011 at 09:26:30AM -0400, Steve Richardson wrote:
> Hi Jason,
> 
> On Mon, Jun 20, 2011 at 9:06 AM, Jason Baugher <jason at thebaughers.com> wrote:
> > Did everyone miss that the customer didn't request a /24, they requested a
> > "/24s worth in even more dis-contiguous blocks". I can only think of one
> > reason why a customer would specifically ask for that. They are concerned
> > that they'll get blacklisted. They're hoping if they do, it will be a small
> > block of many rather than one entire block.
> >
> > When customers make strange requests without giving a good explanation, I
> > have to assume they're up to something.
> >
> > Jason
> 
> They provided an explanation, describing how the IPs were going to be
> used.  Yes, part of it does have to do with being blocked, which
> *definitely* concerns me.  One thing they do say is that they need
> several IPs per block to assign to their MTAs to handle such a large
> amount of email (3 to 5 million per day).  Being primarily focused on
> layers 1 through 4, I don't have an incredible amount of experience
> with high volume email server configuration, so I have no idea if they
> are feeding me a line of BS or not.

I've worked at a company that did managed services (including the pipe and
address range) of a "legitimate" bulk mailer[1], and the logic provided to
you is "legit", as far as it goes -- that is to say, what they're saying is
probably why they really want the space (whether it's a legitimate
justification for the allocation of IP space as per current policies is a
different matter).

Basically, what your customer wants is to evade big e-mail providers'
anti-spam measures.  From their perspective, of course, I'm sure they think
they're doing the "right thing", and the people they're delivering to
really, really want this e-mail, and it's just the nasty e-mail provider
getting in the way.

As I understand it, a common technique at these big providers is to have
reputation for IP addresses by spamminess, as an element of the overall
determination of whether a particular e-mail is spam.  If an address doesn't
have a reputation (yet), then it's rate limited, to limit the damage that a
new spammer can do before the e-mail provider gets feedback (from users)
about whether the e-mail they're getting is spam or not.  This reputation
score (presumably) extends to the /24 (and probably, to a lesser extent, the
WHOIS block, but I'm not as confident about that bit).

What makes me think you're being scammed is that, for all the troubles we
had with our customer, they never needed more address space once they'd
gotten a good reputation for their initial allocation.  Maybe my customer
just didn't grow as much as yours did, so their spamcannon didn't need any
more barrels.  Still, I'm led to believe that once an IP address has good
reputation, it should be effectively unlimited, so if they need more
addresses it's because the current ones don't have real good rep...

> My feeling is that (paraphrasing here) "we might get blocked
> occasionally" and "we need this many IPs on our MTAs because they
> can't handle the load" are *not* legitimate reasons for requesting so
> many addresses.

You are correct; as far as I know ARIN doesn't take those as valid
justifications if you need to go back to them for more space, so you can't
either.

At this point they've admitted to you that they're shitting on your good
name, and setting you up for headaches down the line (dealing with
complaints from people who don't like their spam, having to clean up the IP
addresses they discard when they're useless (or they leave).  In techie
utopia, you'd be able to sting them a fairly hefty surety to cover the costs
associated with cleaning up their shit -- and then tell them that the IP
addresses they've already got are enough, and if they need more capacity, 
they should clean up the addresses they've got.

In reality, though, unless you've got management with a far more cavalier
attitude to revenue than mine did, they won't do anything to piss off a
customer who is, in their eyes, quite the cash cow.  I'm mildly surprised
that you got to evaluate their address request to the degree you have; I
predict that any attempts to actually deny them more space (let alone
extract additional compensation for their destruction of your resources)
will be overridden by management.

- Matt

[1] I use scare quotes because as far as I'm concerned, if your business
model is based on sending lots of e-mail, sooner or later you're going to be
sending spam because that's what makes you the money.  If you didn't
personally collect the addresses, you're in for a world of hurt, and if you
don't know that, you don't deserve to be in the business of bulk e-mail, and
if you do know that, then at best you're a spammer-by-proxy.


-- 
Q: Why do Marxists only drink herbal tea?
A: Because proper tea is theft.
		-- Chris Suslowicz, in the Monastery





More information about the NANOG mailing list