We have both the DDoS and Password Brute Force tests enabled on our own servers and several of our customers.
While not perfect, they work pretty well and can log, and block, mal- behaving IP addresses for whatever period of time they are set to do so.
There are a couple of caveats related to their use:
1. Stopping and restarting the SmarterMail service, wipes out the table of blocked IP addresses;
2. Depending on the number of users in any given hosted domain, and depending on how many of them might be in a single location, and attempting to access SmarterMail simultaneously, it is very easy to create false positives for SMTP, POP and IMAP DDoS blocking filters.
This is especially true where a single IP address or a PRIVATE IP address is used in an organization with a large number of individuals and can, without some aggressive monitoring and periodic re-adjustments, cause legitimate users to be periodically blocked from legitimate access to their SmarterMail servers.
Password Brute Force blocking tends to work much better because most users store their passwords in their desktop, tablet or smart phone clients at the time they build the settings for the account.
In my personal experience, Password Brute Force issues, caused by legitimate users, are almost non-existent - almost set it and forget it: but MONITOR regularly to make certain the SmarterMail server is not at risk. [HINT: Set your SMTP and DELIVERY LOGS to DETAILED and store several months worth of data so you can spot trends!]
More recent DDoS attacks are especially difficult to protect against because of the new technology used in the BOTS.
These "snowshoe" attacks spread the threat over a large group of botnet servers, which, in some cases, do a small portion of the work and then actually communicate back to a "master server" or group or master servers as to any vulnerabilities found so the attack can be continued by another botnet, on another device, with a different IP address, which might be physically located in another country.
Information Weeks "Dark Reading" series had a particularly good article on fighting anonymous DDoS attacks. The article can be read at: http://www.darkreading.com/vulnerabilities-and-threats/10-strategies-to-fight-anonymous-ddos-attacks/d/d-id/1102699?
Patrick Lambert, of Tech Republic, also wrote an interesting article on DDoS attacks. Titled, "DDoS Attack Methods and How to Prevent or Mitigate Them," the article can be seen at: https://www.techrepublic.com/blog/it-security/ddos-attack-methods-and-how-to-prevent-or-mitigate-them/