This was reported a while back, and I think also mitigated. Could it be that these IPs were blacklisted >1 month ago and just still in the local permanent blacklist file?
For what it's worth, I feel that any IP that gets automatically blacklisted should be temporary and follow the fail2ban principle. Something like 1 minute tempban first time, doubling it each time it meets criteria again, but never permanently.
Occasionally just unbanning every IP in the permanent blacklist files is currently a mitigation against these kinds of unwanted consequences. Same like clients getting banned from their own website because of something weird in wordpress triggering a ban.
