fail2ban is very handy in these circumstances...

Succesfull hacking attempts on Zimbra mailboxes (webmail)