FreeBSD
Igor, 2019-12-24 13:16:31

fail2ban does not block the user. How to fix?

Good afternoon. The bottom line is:
There is a FreeBSD mail server, and an IP address knocks on it almost every 3 seconds.
/var/log/exim/mainlog

dovecot_login authenticator failed for ([xx.xx.xxx.xx]) [xx.xx.xxx.xx] I=[xxx.xxx.xx.xxx]:25: 535 Incorrect authentication data

Dovecot fails: /etc/fail2ban/filter.d/dovecot.conf
_auth_worker = (?:dovecot: )?auth(?:-worker)?
_daemon = (?:dovecot(?:-auth)?|auth)

#prefregex = ^%(__prefix_line)s(?:%(_auth_worker)s(?:\([^\)]+\))?: )?(?:%(__pam_auth)s(?:\(dovecot:auth\))?: |(?:pop3|imap)-login: )?(?:Info: )?<F-CONTENT>.+</F-CONTENT>$

failregex = ^authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S* rhost=<HOST>(?:\s+user=\S*)?\s*$
            ^(?:Aborted login|Disconnected)(?::(?: [^ \(]+)+)? \((?:auth failed, \d+ attempts(?: in \d+ secs)?|tried to use (?:disabled|disallowed) \S+ auth)\):(?: user=<[^>]*>,)?(?: method=\S+,)?
            ^pam\(\S+,<HOST>(?:,\S*)?\): pam_authenticate\(\) failed: (?:User not known to the underlying authentication module: \d+ Time\(s\)|Authentication failure \(password mismatch\?\)|Permiss
            ^[a-z\-]{3,15}\(\S*,<HOST>(?:,\S*)?\): (?:unknown user|invalid credentials)\s*$
            <mdre-<mode>>

Perhaps the problem is in iptables. Those who know, please advise. Thanks in advance.
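
A jail only bans an address when one of its filter's failregex lines matches the log line. The check below is an added example, not part of the original post: it runs the two complete failregex lines from the posted dovecot.conf against the posted Exim log line. The IP addresses, the Dovecot-style control line, the `<HOST>` expansion and the Exim-style pattern are constructed assumptions, not fail2ban's own definitions.

```python
import re

# Simplified stand-in for fail2ban's <HOST> tag (IPv4 only; an assumption of this example).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# The two complete failregex lines from the posted dovecot.conf.
# The <mdre-<mode>> substitution and the two truncated lines are left out.
DOVECOT_FAILREGEX = [
    r"^authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot "
    r"ruser=\S* rhost=<HOST>(?:\s+user=\S*)?\s*$",
    r"^[a-z\-]{3,15}\(\S*,<HOST>(?:,\S*)?\): (?:unknown user|invalid credentials)\s*$",
]

# Hypothetical pattern written for this example to fit the posted Exim line;
# it is not copied from any filter shipped with fail2ban.
EXIM_STYLE_FAILREGEX = [
    r"^\w+ authenticator failed for (?:\(\S*\) )?\[<HOST>\]"
    r"(?: I=\[\S+\](?::\d+)?)?: 535 Incorrect authentication data\s*$",
]

# The posted mainlog line with constructed documentation-range addresses
# in place of the redacted ones (timestamp already stripped).
EXIM_LINE = ("dovecot_login authenticator failed for ([192.0.2.10]) [192.0.2.10] "
             "I=[198.51.100.5]:25: 535 Incorrect authentication data")

# Constructed Dovecot-style line, used as a positive control for the posted filter.
DOVECOT_LINE = "passwd-file(alice,192.0.2.10): unknown user"


def find_host(line, failregexes):
    """Return the IP captured by the first matching failregex, or None."""
    for raw in failregexes:
        match = re.search(raw.replace("<HOST>", HOST), line)
        if match:
            return match.group("host")
    return None


if __name__ == "__main__":
    for name, regexes in (("dovecot.conf (posted)", DOVECOT_FAILREGEX),
                          ("exim-style (hypothetical)", EXIM_STYLE_FAILREGEX)):
        for label, line in (("exim line", EXIM_LINE), ("dovecot line", DOVECOT_LINE)):
            print(f"{name:27} {label:13} -> {find_host(line, regexes)}")
```

On the server, `fail2ban-regex /var/log/exim/mainlog /etc/fail2ban/filter.d/dovecot.conf` performs the same check with fail2ban's real matching engine and reports how many lines matched.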
