Am 03.12.19 um 09:38 schrieb Heiko Schlittermann via Exim-users:
> After a password change, a "forgotten" device may cause blocking that
> official IP, the "forgotten" device is masquerading as. This will
> prevent other successfully configured devices to login from that IP.
> With your approach this IP will be whitelisted, given that at least one
> device is able to login sucessfully.

I don't think, you thought this throu to the end... this is the consequence:

"At my local network, I can bruteforce the mailserver accounts, because
one of the clients logged in successfully."

Nothing you really wanne make possible. Don't do this.

Blocking IPs is also a early warning system, which detectes mistakes
very fast. I hurts when it hits, but it speeds up the fix also.

Best regards,

## List details at
## Exim details at
## Please use the Wiki with this list -

Reply via email to