By the way ... same attacks are also carried out for postfix sasl with changing IP addresses, so I have set in F2B postfix_sasl to:
maxretry = 1
Currently, massive attacks on western servers are being carried out everywhere, checks for blacklisted IPs (DNSBL lists) are intermittently no longer possible ... today multirbl.valli.org was repeatedly not accessible anymore