??
Think I did not understand you properly.
if IPs spam YOUR service ... they spam and spam until they get in
if IPs spam an easily secured thing (eg ssh secured by fail2ban) then THESE IPs get into a "jail" (so are blocked for X time), they do not even come to try to login, they are blocked "before" (so less CPU is used)
More "current" technology is surely something you experienced multiple times:
try to log into your amazon, paypal, ... account from a different city, or via mobile. You most probably cannot login but have to verify first (via mail ... kind of one time "two factor authentification").
This way it is harder for attackers to even trying to "login" (assume Russian hacker vs French user).
For this geo locating IPs has to work properly, or "provider identification".
Problems might arise if you use some of the "free wifi" organization hardware - eg some here in Germany are automatically routing every traffic through Sweden (avoids legal issues if someone shares copyrighted stuff...). That way you are prone to get such "verify first" messages
But these systems ...they are smart now - you do not get a mail for every "automated login attempt" - they might even present the information on the website first ("click here to send a verification mail"). Else you could easily spam around to various users.
They also check your browser and so on - this way they can "rate" your login visit and if it reaches a certain value ... the system reacts
.
For our "low scale" servers even "login tries" can be problematic ... if you think of "ddos". For this most often IP ranges are blocked. Most users (eg "German Website -> German users") will still be able to use the website but "foreign" IPs can be temporary blocked.
Qube is doing such stuff (range blocking) I think ... which is why some people here who come from Russia have trouble to even register.
bye
Ron
