Dňa 10. decembra 2025 11:53:36 UTC používateľ John Fawcett via mailop <[email protected]> napísal:
>those IPs are also on Spamhaus XBL. Do you have use cases where legitimate >users need to login from exploited ips? If you don't get a lot of need for it, >i.e. if your users generally use IPs that are not on blocklists like XBL, then >you could evaluate to block up front based on XBL and reserve your ip based >login failures as a second line of defence. Even if you have to take care of >an occasional white list request you might find this approach blocks more >exploit attempts with less effort. Yes, i have use case for legitimate users with IP on XBL -- end users have often dynamic IP, which changes, and thus they can get new IP which is already on XBL and will take ~2 days until XBL entry expires. I learned hard to don't use XBL for user logins (some years ago). regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
