Adrien It's rather simple to install CrowdSec and add the iptables bouncer. At least that will stop some abuse from CrowdSec's known bad IPs. That's worth something, and the free option is affordable. When Enhance adds mod_security to Apache that should further improve security somewhat.
Plus the email logs are centralized on Enhance and CrowdSec seem to have support for Dovecot/Postfix (not sure yet about rspamd) so perhaps brute email brute force attacks, malformed requests and perhaps even some spam can be mitigated. It would just be more difficult without Enhance support to implement the Apache parser, it seems.
Data sources for email log files need to be defined, and so far the documented procedures (documentation is abundant but a bit obscure) is not working correctly, but once I figure that out I'll be happy to provide details.
Missing in CrowdSec is a good WAF (similar to cPGuard/Imunify360) and malware scanning/protection.