Am 03.12.19 um 09:38 schrieb Heiko Schlittermann via Exim-users:
>
> After a password change, a "forgotten" device may cause blocking that
> official IP, the "forgotten" device is masquerading as. This will
> prevent other successfully configured devices to login from that IP.
>
> With your approach this IP will be whitelisted, given that at least one
> device is able to login sucessfully.

I don't think, you thought this throu to the end... this is the consequence:

"At my local network, I can bruteforce the mailserver accounts, because
one of the clients logged in successfully."

Nothing you really wanne make possible. Don't do this.

Blocking IPs is also a early warning system, which detectes mistakes
very fast. I hurts when it hits, but it speeds up the fix also.


Best regards,
Marius

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to