> While I see these attacks on submission service, on the contrary I see > virtually no attempts to actually login into the IMAP service Makes sense, good luck on it. ...until ofcourse the attackers make the effortless change of switching the port in their bot to IMAP logins instead of Submission :)