Banning AUTH Connections with Blank Login

We’ve started banning connections by IP address into our SMTP AUTH service that are making excessive connection requests with blank login names. This came about after we noticed multiple IP addresses flooding our server by attempting to connect once a second without ever attempting to send a login name. We consider this abusive as it wastes server resources that can be used to process legitimate connections.