The standard install of fail2ban on Ubuntu 12.4 LTS doesn’t, by default, pick up all errors. To fix it, edit /etc/fail2ban/filter.d/dovecot.conf and change the failregex line to
failregex = .*(?: pop3-login|imap-login):.*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Disconnected \(tried to use disabled).*rip=(?P
It’s the “Disconnected \(tried to use disabled” which is important.