Prevent Squirrelmail Brute Force Attacks

You installed Courier or Dovecot and you put SquirrelMail on your box for webmail. Then you were good enough to set up fail2ban or (my favorite) CSF/LFD. But you tested a brute force attack on Squirrelmail’s login page, and you noticed that LFD doesn’t detect brute force login attempts. Why not?