While I see these attacks on submission service, on the contrary I see virtually no attempts to actually login into the IMAP service
Makes sense, good luck on it. ...until ofcourse the attackers make the effortless change of switching the port in their bot to IMAP logins instead of Submission :)
