How to ban Postfix SASL LOGIN authentication failed in Debian Bullseye.
I spent some time finding the reason why my fail2ban installation did not seem to be able to catch these lines. The answer in the end was quite simple: if you log using systemd, then you need to specify a journalmatch line to filter out those lines properly.
This type of connection:
Mar 5 10:01:40 hostname postfix/smtpd[88112]: warning: unknown[141.98.10.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
can be filtered out with this setup in /etc/fail2ban/jail.d/jail.local:
[DEFAULT]
backend = systemd
bantime = 1d
maxretry = 2
findtime = 1d
[dovecot]
enabled = true
[postfix]
enabled = true
mode = aggressive
journalmatch = SYSLOG_IDENTIFIER=postfix/smtpd
[sshd]
enabled = true
This works on Debian Bullseye and Debian Buster with the default fail2ban installation.
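To see why the journalmatch line matters, the following added example (not part of the original post and not fail2ban's own code) imitates what the jail does with the journal: select entries by a journal field, match the SASL failure, and count failures per address using the maxretry and findtime values from the setup above. The journal entries, the simplified regular expression and the postfix@-.service unit name are constructed assumptions.

```python
import json
import re
from collections import defaultdict

# Simplified pattern for the warning shown above (an assumption, not fail2ban's own regex).
FAIL_RE = re.compile(r"warning: \S+\[(?P<ip>[0-9A-Fa-f:.]+)\]: SASL \S+ authentication failed")
T0 = 1678010500  # constructed epoch seconds
FAIL = "warning: unknown[%s]: SASL LOGIN authentication failed: UGFzc3dvcmQ6"

def _entry(ts, ident, msg):
    """Build one constructed entry shaped like a line of `journalctl -o json`."""
    return json.dumps({"__REALTIME_TIMESTAMP": str(ts * 1_000_000),
                       "SYSLOG_IDENTIFIER": ident,
                       "_SYSTEMD_UNIT": "postfix@-.service",  # assumed unit name
                       "MESSAGE": msg})

SAMPLE_JOURNAL = "\n".join([
    _entry(T0, "postfix/smtpd", FAIL % "192.0.2.10"),
    _entry(T0 + 60, "postfix/smtpd", FAIL % "192.0.2.10"),
    _entry(T0 + 120, "postfix/smtpd", FAIL % "198.51.100.7"),
    _entry(T0 + 130, "postfix/smtpd", "connect from unknown[203.0.113.5]"),
    _entry(T0 + 120 + 2 * 86400, "postfix/smtpd", FAIL % "198.51.100.7"),
])

def banned_ips(journal_text, match=("SYSLOG_IDENTIFIER", "postfix/smtpd"),
               maxretry=2, findtime=86400):
    """Return addresses reaching maxretry failures within findtime seconds."""
    field, value = match
    failures = defaultdict(list)
    banned = []
    for line in journal_text.splitlines():
        entry = json.loads(line)
        if entry.get(field) != value:        # the journalmatch step
            continue
        msg = entry.get("MESSAGE")
        hit = FAIL_RE.search(msg) if isinstance(msg, str) else None
        if not hit:
            continue
        ts = int(entry["__REALTIME_TIMESTAMP"]) / 1_000_000
        ip = hit.group("ip")
        failures[ip] = [t for t in failures[ip] if ts - t <= findtime] + [ts]
        if len(failures[ip]) >= maxretry and ip not in banned:
            banned.append(ip)
    return banned

if __name__ == "__main__":
    print(banned_ips(SAMPLE_JOURNAL))
    print(banned_ips(SAMPLE_JOURNAL, match=("_SYSTEMD_UNIT", "postfix.service")))
```

On the server itself, running journalctl SYSLOG_IDENTIFIER=postfix/smtpd shows whether the match selects any entries at all.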