Email server security plays a major role in IT infrastructure protection. One of the many challenges facing the world today is cyber warfare, a reality where evolving geopolitical tensions are shaping and changing cyber risk for organizations and nations. Another challenge is email spam attack, which sends large volumes of email to an address to overwhelm the servers.
Geo-blocking is one of the tools that can be used to mitigate these threats. After analyzing the email server logs, it is likely that most attack attempts come from non-targeted counties. In this case, national IP address blocking should apply. The best practice for country blocking is at the firewall level, not at the email application level.
There are side effects when using country blocking because in some cases a small number of visitors may come from blocked countries. Therefore, a whitelist needs to be developed to enable exceptions.