Author: Richard James Salts Date: To: exim-users Subject: Re: [exim] New compromise...?
On 25 September 2019 8:11:10 pm AEST, Julian Bradfield via Exim-users <exim-users@???> wrote: >On 2019-09-25, Sebastian Nielsen via Exim-users <exim-users@???>
>wrote:
>> list of CIDR ranges that your country, or even better, your company,
>uses.
>>
>> If different users belong to different countries, for example if you
>run a
>> webhosting company, I would suggest putting the country that was used
>to
>> either register the account, or the country who did issue the credit
>card that
>> was used to pay for the webhosting, in a database.
>
>Um, some people do occasionally travel, you know.
If you're a company you can make a policy to require vpn with 2 factor auth in order to use mail while on the road. So allowing auth from a very small ip range might be better in this context.