We also have sometimes some strange IP blacklisting due to IDS, without any clue as why it was blacklisted. The only workaround we found for this is to whitelist the affected IP.
After we opened a ticket about it, there was supposed to be a more comprehensive and complete IDS log introduced after the MAPI release was completed, but it seems it was silently dismissed.
Last update about it was in July 2020
Good afternoon, I hope this email finds you well. Just touching base this afternoon to let you know development has added a task to address your suggestions regarding adding the IDS reasoning to the Administrative logs, or at the very least allow seeing the failure in the Normal logs rather than Detailed. Now that this is on their list I'll go ahead and close out this ticket. Thanks for your time Sebastien, and have a great rest of your week.
and
Good morning, I hope you are doing well today. I've received word this has been officially added to development's list. As such, I'll go ahead and close out this ticket today for the time being. Once we receive confirmation this has been resolved I will reopen the ticket to provide you the build number you can find the fix in. Please let me know if you have any outstanding questions when you have a moment. Thanks for your time, and have a great rest of your week!
then the ticket was closed.
Nothing new since :/
EDIT: I see that you found the source of your issue and this is great. I still think we miss a dedicated log about IDS blacklisting though.
Kind regards.
Sébastien Riccio
System & Network Admin
https://swisscenter.com