Sure, which is why i took this one step further - and created my own RBL from the ban logs - and then use this on my firewalls (you can use on iptables quite easily with some scripting) so it blocks before the mail server has to even process the connection. When using this across a a decent amount, or even only a couple, of servers you really see the benefits. Even if you didnt want to put this on a firewall, you could put the home-made RBL across your Zimbra servers, so if one sees an attack...they all do and block it.
Maybe ill write up a how-to when i find a moment
