Great to see an article about this.
Been running my own mail server for over 15 years, Postfix + Spamassassin + Dovecot + (can't remember the AV software) + fail2ban.
Fail2ban is great, I see a lot of connections from spammers trying to brute crack users passwords and Fail2ban is set to ban them after 3 attempts, and it automatically unblocks these attempts after a couple of hours. (usual config time to unblock is a few minutes IIRC)
There are a couple of things in here I either never quite got working fully, or haven't used (GreyList) so will read the next installment closely.