Some of the things which can be done from WHM to harden your mail service :
=========================
From WHM Main >> Server Configuration >> Tweak Settings:
* POP3 connection limit option prevents lots of POP3 connections.
* POP3 flood prevention option.
* Prevent “nobody” from sending mail : This will ensure that PHP
scripts user the ownership of user “nobody” will not be able send any mails.
* In service manager you can find the option “antirelay” . Turn
this off so that each time POP3 connects authentication would be required.
=========================
Try to use Secure protocols and related ports
POP3S 995
IMAPS 993
SMTPS 465
These are just basics in hardening the mail system. More ones to follow……
