No, fail2ban would also block legitimate users where the user may have flaky connection and doing one or more connections and not authenticating.
The SSL attempts for http could be blocked with fail2ban. The other SSL attempts attempting to negotiate a old version, may block legitimate users trying to auth with an old client. I would say, the best way to block these types of attacks is to terminate your SSL in your firewall, and just block anything not up to standards. Not ban, but just block the single transactuion by disconnecting the user. And anything OK you just fwd to your mail server unencrypted. Then the firewall takes the bang and your mail server receives only clean traffic.
smime.p7s
Description: S/MIME Cryptographic Signature
