>> Frankly, this looks to me like bulk-email-laundering. That is, it's a >> way to convey email "reputation" from one of 3-8 "trusted" IPs to the >> 1600 "unknown" ones. > > This discussion is very intriguing to myself, no matter how OT. I'm > quite sure I'm not the only one. > > It sounds to me like someone needs help on how to hide a botnet using an > iptables script at first glance. It can't be that of course so why are > 1600 hosts wanting to send bulk email ? > > spam has given email marketing such a bad reputation that I'd really > like to know why there are 1600 hosts that need to send > business/marketing email. Why 1600 ? > > Sorry I'm new to the list and I realise I am contributing to the > OT-ishness of this thread. I said to myself "don't mention port 25, you'll get a barrage of insults..."! But I realise it is intriguing to many people, and it's very easy to jump to conclusions. I suppose the simplest way to explain why 1600 is the following. If we accept that it is valid for a client to have an IP and this client will send their newsletters from only this IP and build reputation on this IP, then it is trivial: 1600 IPs = 1600 clients. If an intern for company X makes a booboo (something like http://it.slashdot.org/story/11/12/28/1929232/new-york-times-hacked for example!) then company Y shouldn't suffer, should they? They will need different IPs then. Mailchimp claims (or claimed at one point) to have 100,000 clients (I am not involved with Mailchimp in any way, they are one of the biggest in the industry so I'm picking on them). So 100000 IPs? It's more complicated than that unfortunately, as MSPs and ISPs require certain minimum levels of traffic. The blog link above in the thread mentions why you might not want a dedicated IP if you don't send enough. The problem being that if you don't send for a while, and then suddenly start sending again, everything gets completely blocked or put in the spam folder. The vast majority of companies can't warrant employing someone who spends their days researching the latest requirements for sending newsletters, so they sub-contract that to an application service provider (an Email Service Provider). So we need lots of IPs and we need to manage them efficiently on behalf of our clients. Actually we don't use nearly 1600, as currently IP management is not as optimised as it would be with a NAT (or similar) solution. We have a lot of ad agencies as clients though, and they are only working for their clients (white label or not), and we have many, many more than 1600 "end clients". We also definitely have clients that want to have redundancy on connection providers (going over different backbones, etc.), and bandwidth is cheaper on X but more reliable on Y, etc. so we need different providers. My solution needs to be able to support more than we could ever throw at it, so I want it to be able to support 1600 IPs from the start. Cheers Anton ps. Also see my response to Lloyd's last post. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
