I totally agree about rate limiting, mostly against bad passwords that you are not in control of. But banning failed attempts is mostly not interesting if you ask me. It feels like the right thing to do, but IP addresses can change and other measures are better.

It’s debated whether software like fail2ban actually helps or if it just makes attacks visible that would anyways fail if you have up to date software. Oftentimes, defensive software adds attack-surface because it adds more software that can be targeted by attackers.

Fail2ban might help with protecting against exploiting of bad passwords though.

Can only second this

Actually not. It’s part of the FROM

Yeah, that sucked :(

Mailbox.org is decent as well

Bettel has been Prime Minister of Luxembourg for years now as well.

They are usually not very cozy though since they are barely legal and they don’t want to get too much attention.