I had several distinct installations of Virtualmin 6.07 installed on a minimal fresh Debian 9 (cloud servers at hetzner.de). On none of them did fail2ban work as it is supposed to. For example, it claimed to have found and banned IPs on postfix-sasl, but in fact the ban did not work, so the same IPs continued happily trying to log in to the SMTP server day and night. (I did not check jails for every service though, maybe others do work.)
I tried everything suggested here in the forums to get it working, but without success. Something must be broken in the Virtualmin configuration for Debian. Probably because FirewallD is used instead of iptables?
What I finally did was set up all my servers anew on CentOS 7, because there FirewallD is default, widespread and working. Not like Debian, where FirewallD is not popular at all. Now on CentOS everything is working as expected, just out of the box.
I consider this a serious security issue.
I wonder how many Debian+Virtualmin servers out there are also unprotected and exposed to bot attacks.
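
A way to check for the symptom described in the post above (fail2ban reports a ban on postfix-sasl while the same address keeps failing SASL logins), as an added example that is not part of the original post. It assumes the default fail2ban log line layout and traditional syslog timestamps in the mail log; the sample lines, the `year` argument and the 30-second grace period are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines; 203.0.113.x and 198.51.100.x are documentation addresses.
FAIL2BAN_LOG = """\
2018-05-01 12:00:01,123 fail2ban.actions        [1234]: NOTICE  [postfix-sasl] Ban 203.0.113.5
2018-05-01 12:00:05,456 fail2ban.actions        [1234]: NOTICE  [postfix-sasl] Ban 198.51.100.7
2018-05-01 12:10:01,789 fail2ban.actions        [1234]: NOTICE  [postfix-sasl] Unban 203.0.113.5
"""
MAIL_LOG = """\
May  1 11:59:58 host postfix/smtpd[2345]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
May  1 12:05:00 host postfix/smtpd[2345]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
May  1 12:00:20 host postfix/smtpd[2346]: warning: unknown[198.51.100.7]: SASL PLAIN authentication failed: authentication failure
May  1 12:15:00 host postfix/smtpd[2347]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
"""

BAN_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),\d+ .*\[postfix-sasl\] (Ban|Unban) (\S+)")
FAIL_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) .*\[([0-9a-fA-F.:]+)\]: SASL \w+ authentication failed")

def ban_windows(f2b_text):
    """Map each IP to a list of [ban_start, ban_end] intervals from fail2ban.log."""
    windows = {}
    for line in f2b_text.splitlines():
        m = BAN_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        if m.group(2) == "Ban":
            windows.setdefault(m.group(3), []).append([ts, datetime.max])  # open until Unban
        elif windows.get(m.group(3)):
            windows[m.group(3)][-1][1] = ts  # Unban closes the latest window

    return windows

def failures_during_ban(f2b_text, mail_text, year, grace=timedelta(seconds=30)):
    """Count SASL failures per IP that occur while fail2ban says the IP is banned.
    Syslog lines carry no year, so it is passed in; the grace period ignores
    failures logged just after the ban was recorded."""
    windows = ban_windows(f2b_text)
    hits = {}
    for line in mail_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if any(start + grace < ts < end for start, end in windows.get(ip, [])):
            hits[ip] = hits.get(ip, 0) + 1
    return hits

if __name__ == "__main__":
    print(failures_during_ban(FAIL2BAN_LOG, MAIL_LOG, 2018))
```

Any address in the result was still reaching the SMTP service while listed as banned, which means the ban action is not taking effect in the firewall.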