Recent Posts

Why do you need so many IP addresses (part 2)?

In my last post I discussed the background as to why an ISP will require their users to use their IP address allocation efficiently. I also mentioned in passing that I’d discussed ESP address allocation with both ESPs and ISPs recently.
The ESP was talking about assigning a couple of dozen IP addresses to each customer, because they might be useful for spreading load and it would provide some flexibility for moving from one IP address to another if one should get blocked. And IP addresses are pretty much free. They were wrong.
The ISP was considering an application for 750 IP addresses from a new ESP customer. They assumed that there was no possible reason other than snowshoe spam for an email related customer to need that many IP addresses. While I suspect they may have been right about the specific potential customer, the general assumption was wrong.
I’ve seen a lot of reasons given by ESPs for why they need so many IP addresses:

Read More

Why do you need so many IP addresses?

IP addresses aren’t an unlimited resource, not on the current version of the Internet anyway. There are only a limited number of them and, while some of the doom and gloom proclamations about us running out in the next year or two may be exaggerated, we are running low on them and should be conserving them where we can.
An ISP can’t create new IP addresses from whole cloth. Instead, when they need more IP addresses they must petition one of the regional internet registries (RIRs) for a new set of addresses which they can then parcel out to their customers. There’s a RIR for each part of the world. ARIN distributes IP addresses for use in North America, RIPE handles IP addresses for Europe, APNIC handles them for the Asia-Pacific region and LACNIC for Latin America.
Each RIR enforces a fairly complex set of rules on the ISPs to ensure that the distribution of IP addresses is somewhat fair and reasonably parsimonious. The rules vary slightly from RIR to RIR in the details, but are fairly consistent in the general meaning. Unless you’re petitioning your local RIR for your own chunk of addresses for some reason (which you aren’t, unless you have a genuine need for more than 2000 IP addresses, or a legitimate need for more than 500 addresses and a complex redundant network setup) you only need to care about the rules that each RIR asks the ISP to enforce on their customers.
When an ISP asks, for example, ARIN for a new block of IP addresses they may be asked to demonstrate efficient usage of the IP addresses they’ve received previously. If they can’t do that, they may not be able to get the new IP addresses. This is, obviously, a Big Deal so ISP network engineers do their best to use address space efficiently, and try and stop their sales reps from handing address space out like candy at Halloween. The end result is that an ISP really does need to have you justify your IP usage – they’re not just being mean or trying to gouge you for more money.
There are several rules that an ISP might follow. One is that an initial allocation of more than, perhaps, 16 addresses will need some justification of how a quarter of those will be efficiently used immediately and how half of them will be used within six months. Another is that if you’re asking for additional IP addresses you’ll need to demonstrate that you’re efficiently using perhaps 80% of the addresses you’ve been assigned previously. The details may vary, and you can probably negotiate with the ISP, but eventually the ISP will need to justify themselves to ARIN, so they’re going to enforce something like this on their customers – or make you pay through the nose to cover the risks they take by bending the rules.
So what does efficient usage mean? That’s very simple in some cases, fuzzier in others. If you have 50 physical machines providing services on the internet, that’s a good justification for 50 IP addresses. If you’re providing internet access to end users (cable modems, DSL, dial-up) then one IP address per user is easy to justify. Virtual webhosting doesn’t justify one IP address per user, but virtual webhosting using SSL does. This is one of those rare cases where you really do have to explain your business model, showing that you’re making efficient use of the addresses you have, and that you have some room for expected growth but aren’t wasting address space by leaving too many addresses idle.
How about ESPs and other bulk mail senders – what does efficient address space usage mean for them? That’s something that seems, from recent conversations I’ve had, to be poorly understood by either ISPs or ESPs. And it’s fairly complex, that’s for sure. So I’ll save that for my next post.

Read More

Dealing with blacklists

Al has a good post listing the top 5 things senders should remember when dealing with blacklists.
One of the critical things to remember about blocklists is that they are an early warning sign. Sure, some of them are one crank and his cat and will not hurt your overall delivery. A sender may be listed for totally spurious reasons . On the other hand, many of the widely used public lists and the private lists at the big ISPs, list IPs that they see as doing something wrong.
The challenge for anyone listed on any IP based blocklist is to look inside and determine what it is that they’re doing that caused the listing. The first step is to look at the technical issues, does your mail look like something coming out of infected bots? Is there a configuration problem? If the answer is no, then senders have to look at their practices. Are they sending mail to people who don’t expect it? Are they sending mail to people who didn’t ask for it? Most listings that will affect large numbers of recipients fall into the above 2 categories: technical or practices.
Technical problems can be fixed easily, once they’re identified. Permission or practice problems can also be fixed, but may require a sender reassess how they are using email and what value email brings to the business.

Read More

How NOT to get your mail unblocked

My friend Barry™ contacted me earlier this week to rant about senders contacting him asking for blocks to be lifted.

Read More

They are all Barry. Listen to Barry

Al has a guest post up from an ISP rep (now universally referred to as Barry) about senders contacting ISPs. It lists things senders do that Barry Don’t Like.
Listen to Barry.
There are also comments from various other Barrys in the comments. Those are worth reading, too.

Read More

Matt Blumberg joins the DMA Board

Matt Blumberg, CEO of ReturnPath, announced on his blog today that he has joined the board of the DMA. The blog post is both an explanation of why he did it and an agenda for what he wants to accomplish.

Read More

Who are you and why are you mailing me?

I’ve mentioned here before that I use tagged addresses whenever I sign up for. This does help me mentally sort out what’s real spam and what’s just mail I’ve forgotten I’ve signed up for.
Yesterday, I received and email from e-fense.com thanking me for my interest in their new product. The mail came to a tagged address, but not a tag that I would have given to e-fense.com. Their opening paragraph said:

Read More

Permission: it may not be what you think it is

I’ve talked frequently about permission on this blog, and mentioned over and over again that senders should correctly set expectations at the time they collect permission. Permission isn’t permission if the recipient doesn’t know what they’re agreeing to receive.

Read More

TWSD: My lunch is not spam

My ISP information page occasionally gets trackback pings from various blog posts. This week one of the trackbacks was from a blog post titled “One man’s Spam is another man’s lunch.” The theme of the blog post was that email marketers are poor, put upon business people that have to contend with all sorts of horrible responses from recipients, spam filtering companies and ISPs.
Since the poster took the time to link to my blog, I thought I’d take the time to look in detail at his post and talk about how likely it is to work.

Read More

Suppressing email addresses: it's good for everyone

Every sender, big or small, should have the ability to suppress sending to any particular email address. They must, absolutely, be able to stop sending mail to anyone for any reason. Not only is this a legal requirement in every jursidiction that has laws about email marketing, it’s just good business sense.
What happens when marketers fail to be able to suppress email addresses? At some point they’re going to mail someone who gets annoyed enough with them to make it public that they are too incompetent to run an email program.
This happened to the folks over at spamfighter.com recently. They have been spamming Neil Schwartzman (spamfighter, Executive director of CAUCE North America, Director of Standards and Certification at ReturnPath) since somewhere in 2007. Yes, really, 2007. Neil has asked them politely to stop spamming him. He’s explained he’s not actually using their software. They appear to be incapable of running a suppression list, despite telling him 3 times that they have removed his address.
Showing much more restraint than I would have with a sender who couldn’t stop sending me email, Neil gave them years to fix their process before blogging about his experiences. Instead of fixing their broken process they instead responded to his blog post insisting their mail wasn’t spam because they weren’t sending Viagra mail or 3rd party offers.
We can argue about the definition of opt-in, we can argue about whether registration is permission, we can argue about a lot of things, but when the recipients says “stop sending me email” and a sender says “we’ll stop sending you email” and then fails to actually stop sending email I think the recipient is fully justified in calling the email spam. Sorry spamfighter.com, your process is broken and your inability to fix it 2 years after the brokenness was brought to your attention does not give anyone a good impression.
Every email sender should have the ability to stop sending mail to recipients. If that’s not currently possible with your technology, it should be a very high development priority.

Read More
Tags