
I think they present a reasonable argument (and their methods obviously work for them), but I don't agree with them 100%.

They present several arguments both for and against dedicated IPs. From my own experiences, I don't believe that the "cons" outweigh the "pros".

FTA:

> By offering a dedicated IP for the majority of customers the ESP is basically saying “You do what you want, if you get blocked it’s your fault.” It also places a lot of heavy lifting on the customer, which defeats the purpose of paying for an infrastructure product in the first place.

No, by offering a dedicated IP the ESP is saying, "I don't want ONE customer to ruin things for all other customers". It doesn't mean you can be careless or not take basic safeguards. It means that any "fallout" is contained and collateral damage is minimized.

> In addition to this, new dedicated IPs are just as bad as IP addresses with a bad reputation, since it has no reputation at all.

I'm not sure that's the case. Anecdotally, I've brought up additional mail servers at times and put them into service without doing any "warming up" and not run into issues. My servers aren't sending out any bulk mail, however, so perhaps this is why it hasn't been an issue.

> The other misconception with dedicated IP addresses is that each one is completely independent. For instance, if one customer gets blocked, all other IPs are fine, right? Wrong. ISPs and blacklists will monitor entire IP ranges and domains. If one IP causes enough problems, traffic from the entire subnet or domain could be blocked.

Yeah, some of the RBLs as well as myself sometimes block ranges. That typically only happens when there are $bignum IPs in that range that have already been blocked. Pretty much everyone blocks individual IPs at first. If it happens that, for example, I end up blacklisting 15 IPs out of a /24 (allocated to somewhere in China, perhaps) then yes, I'll often just list the whole /24 instead. That's not the first step, however.

> The final reason, and this one is important, is that ISPs are starting to place a lot of weight on domain reputation, not just IP reputation. My guess is that over time IP reputation will slowly fade away while more weight is given to domain reputation along with authentication standards like DKIM.

I certainly agree that domain reputation is becoming more important. It's not an "either or", however. While the reputation of the sending domain (assuming valid DKIM signatures) is certainly one factor to consider, IP reputation isn't going away any time soon. Domain reputation is just an additional attribute that will be considered when making the "spam/not spam" decision.

One certainly shouldn't use IP reputation, in isolation, to make that "spam/not spam" decision but as just one variable in the whole formula. The first time I blacklist an IP, it's automatically removed after 12 hours. Shit happens sometimes, even with many protective measures in place. Every subsequent time a "repeat offender" gets listed, however, the length of time it remains listed grows until, eventually, it just stays on the list. In addition, as mentioned above, ranges sometimes get listed as well. A quick glance shows that the largest netblock I've listed is a /12, as well as a handful of /15s and /16s, but those are exceptions. The overwhelming majority (of ranges) are /24s or smaller.
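
The listing policy described in the comment above, sketched as an added example (not the commenter's code). The 12-hour first listing and the 15-addresses-per-/24 trigger come from the comment; the growth factor, the point at which a listing becomes permanent, and all names are assumptions, and the addresses are constructed from documentation ranges (IPv4 only).

```python
import ipaddress
from collections import defaultdict

FIRST_TTL_H = 12       # from the comment: first listing expires after 12 hours
GROWTH = 4             # assumption: each repeat listing lasts 4x longer
PERMANENT_AFTER = 5    # assumption: the 5th listing never expires
RANGE_THRESHOLD = 15   # from the comment's example: 15 listed IPs in one /24


class Blocklist:
    def __init__(self):
        self.offences = defaultdict(int)  # ip -> number of times listed
        self.expires = {}                 # ip -> expiry hour, None = permanent
        self.ranges = set()               # /24 networks listed as a whole

    def ttl_hours(self, nth):
        """Listing duration for the nth offence; None means permanent."""
        if nth >= PERMANENT_AFTER:
            return None
        return FIRST_TTL_H * GROWTH ** (nth - 1)

    def _active(self, ip, now_h):
        exp = self.expires.get(ip, 0)
        return exp is None or now_h < exp

    def list_ip(self, ip, now_h):
        """List one IP, escalating repeat offenders; returns the TTL applied."""
        ip = ipaddress.ip_address(ip)
        self.offences[ip] += 1
        ttl = self.ttl_hours(self.offences[ip])
        self.expires[ip] = None if ttl is None else now_h + ttl
        # Escalate to the enclosing /24 only once enough of it is listed.
        net = ipaddress.ip_network(f"{ip}/24", strict=False)
        active = sum(1 for a in self.expires
                     if a in net and self._active(a, now_h))
        if active >= RANGE_THRESHOLD:
            self.ranges.add(net)
        return ttl

    def is_blocked(self, ip, now_h):
        ip = ipaddress.ip_address(ip)
        if any(ip in net for net in self.ranges):
            return True
        return ip in self.expires and self._active(ip, now_h)
```
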


