Quoting Alex <ot...@ahhyes.net>:
It [fail2ban] is a great tool. Unfortunately dovecot allows infinate incorrect logins during a single session. When fail2ban has firewalled the ip its pointless as the rule only affects new sessions, not established ones. I am disappointed that the author of dovecot has no interest in adding a feature that closes the session after x auth failures. It would certainly make tools like fail2ban more effective.
If that is a big issue for you, you could always have fail2ban add a dummy route:
For example: route add $IP gw 127.0.0.1 Rick
