Maybe I'm just not finding it... but.. I don't see any sort of logging for what has come and gone in the Temporary Black list... is there ???
I see in my SMTP logs that a user was receiving:
"421 Server is busy, try again later." response returned.
IP is blacklisted
But, that IP is NOT in our BlackList so I have to assume that message was coming from the Temp BlackList due to some IDS violation (which also does not seem to log anything anywhere).
The same account successfully connects from 2 other IP addresses all day long.
Is there somewhere a limit on the number of simultaneous sessions each account can have ?