Having only the mail subdomain open for public, we get around 5 IPS banned every day by fail2ban mostly for postfix and postfix-ddos.
Sometimes there are several IPs from the same provider. I’m just wondering if there would be any result if I would report them to the abuse email addresses or not - but for sure it would require a lot of effort on the long run.
But what about badIPs, AbuseIPDB or other sites?
Does anyone use them to report and/or use their lists? What is your experience with the black lists?
Maybe one/some of them could be integrated into Nethserver by default?
What are your opinions?