Spamhaus DROP twice?

Hello. Under Firewall-options I can activate to drop packets to and from evil sites (Spamhaus Drop).

image703×180 9.94 KB

Furthermore I can activate Spamhaus Drop in IP address blocklists.

Does it make sense to activate both or is it not necessary to activate this blocklist when I have activated it in the firewall options? I don’t quite understand the difference between these to possibilities.
Thanks.

You could also select emerging-compromised.rules in the Emerging Threats ruleset for IPS and that will also do the same thing.

There isn’t much point in selecting more than one of these and I go with the Firewall Options one as that clears it out in the simplest way.

The IPS would be the last choice for me as that would use a lot more processing capability.