On 23/10/2013 05:45, Rick Romero wrote:
IMHO, the problem with all out blocks on auth is the same as doing an
all
out block based on SPF - so many IPs are shared you can easily get
false
positives.
Blocks using SPF will not be FP's, they will be by your internal
decision, so will be a genuine block 'hit', even if you don't keep your
RR current, that's the admins fault, not the users, or blockers.
But I agree with you on the rest, since of those 500K IP's Marc claims
to have I'd bet that 99% are hijacked innocent pc's/servers, and of
them, >75% would likely be a one time usage.
