Not much implementation actually. Fail2ban does all the hard work, and then if I get too many emails reporting the same IP I go in and manually permaban the offending IP (doesn't happen often).