diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py
index 6a3641fe..a4a42d03 100644
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@@ -152,6 +152,7 @@ class ConfigManager(dict):
         self.config['SESSION_COOKIE_HTTPONLY'] = True
         self.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=int(self.config['SESSION_LIFETIME']))
         hostnames = [host.strip() for host in self.config['HOSTNAMES'].split(',')]
+        self.config['AUTH_RATELIMIT_EXEMPTION'] = set(ipaddress.ip_network(net.strip(), False) for net in config['AUTH_RATELIMIT_EXEMPTION'].split(','))
         self.config['HOSTNAMES'] = ','.join(hostnames)
         self.config['HOSTNAME'] = hostnames[0]
         # update the app config itself
diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py
index d2bcc7a3..dda927b0 100644
--- a/core/admin/mailu/utils.py
+++ b/core/admin/mailu/utils.py
@@ -80,10 +80,8 @@ def extract_network_from_ip(ip):
         return str(n.supernet(prefixlen_diff=(128-int(app.config["AUTH_RATELIMIT_IP_V6_MASK"]))).network_address)
 
 def is_exempt_from_ratelimits(ip):
-    for range in [net.strip() for net in app.config['AUTH_RATELIMIT_EXEMPTION'].split(',')]:
-        if ipaddress.ip_address(ip) in ipaddress.ip_network(ip, False):
-            return False
-    return True
+    ip = ipaddress.ip_address(ip)
+    return any(ip in cidr for cidr in app.config['AUTH_RATELIMIT_EXEMPTION'])
 
 # Application translation
 babel = flask_babel.Babel()