Of course. This is how I did it:
1. Get the EPEL package (epel-release-5-3.noarch.rpm) and install it for quick access to EPEL repo.
2. Install gamin-python, with dependencies (gamin itself, etc.).
3. Install shorewall from EPEL (better support for iptables then iptables command line itself).
4. Configure shorewall (enabled: yes, accept from outside only ssh/pop/smtp/imap, check the files).
5. Install fail2ban from EPEL.
6. Configure fail2ban to listen to 4 sources in 3 log files (one of which is Roundcube, but you need to patch it to work).
I will attach the config files in the zip.
What's in the zip:
/shorewall - should go in /etc/shorewall; mostly as in docs, but I added zone "loop" for loopback, ACCEPT ALL;
Allow only what's needed for incoming (LDAP is commented out cause I don't use it), everything else DROP
For outgoing, accept all.
/fail2ban - should go in /etc/fail2ban, in corresponding dirs
For the filter for postfix (from /var/log/maillog), I modifies the syntax to only ban in case of 5xx codes, *NOT* 4xx, otherwise I will accidentally ban everyone because of greylisting and other temporary errors
For SASL I modified the syntax, the original one didn't work with iRedOS.
The syntax for SSHD is the same, but I include it because I modified the Jail.
The syntax for Roundcube is made by me, but caution: it won't work without this patch to roundcube 0.3-stable.