Not applicable to most installations, but I use geographical filtering on all ports other than 25. Fine if you are the only user of the email system. I don't block countries where I will send and retrieve email. I augment this with a small blocking list of IP space where I'm OK if they read my websites, but won't be sending/receiving email from their physical location. In short, schools and universities. So for example I would have trouble sending mail from the University of Michigan or anywhere in Kahzakstan.
I get one hacker a week trying to guess passwords, and always from Digital Ocean VPS. I just block them as the occur. I have list of data centers that have tried to hack my web server, which I also block from the email server other than port 25. I would like to see statistics on the success of such brute force attacks. They can't be very successful these days.
