Topic: Need Advice, I think My Email Server Got Hacked
==== Required information ====
- iRedMail version (check /etc/iredmail-release): v0.9.2
- Linux/BSD distribution name and version: Ubuntu 15.10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No, Free Opensource
- Related log if you're reporting an issue:
====
Hi, almost every day my mail server is getting relentlessly attacked. Because of that, several of my users send out spam email without their consent. I've already set up fail2ban but the hackers keep changing their IP. How do I stop this? Please help, any advice will be greatly appreciated.
I got error like this:
May 26 20:36:39 server postfix/smtpd[7233]: connect from unknown[65.157.76.177]
May 26 20:36:43 server postfix/smtpd[7233]: warning: unknown[65.157.76.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 26 20:36:43 server postfix/smtpd[7233]: disconnect from unknown[65.157.76.177]
Or this:
May 26 20:52:49 server postfix/smtpd[7865]: connect from unknown[178.135.80.139]
May 26 20:52:50 server postfix/smtpd[7865]: NOQUEUE: reject: RCPT from unknown[178.135.80.139]: 554 5.7.1 <dsldevice.lan>: Helo command rejected: ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (dsldevice.lan); from=<xxx@xxx.com> to=<xxx@xxx.com> proto=ESMTP helo=<dsldevice.lan>
May 26 20:52:50 server postfix/smtpd[7865]: disconnect from unknown[178.135.80.139]
May 26 20:54:15 server postfix/smtpd[7865]: warning: hostname triband-del-59.178.48.123.bol.net.in does not resolve to address 59.178.48.123: Name or service not known
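Added example (not part of the original post): the two log patterns above are the ones worth counting per source IP, the SASL authentication failures and the HELO rejections. The script below parses constructed postfix/smtpd lines in the same format as the post (the IPs are documentation addresses, not the ones in the post), counts them per IP, and flags an IP only when it has at least `maxretry` SASL failures inside a sliding `findtime` window, which is the same logic fail2ban applies with its `maxretry` and `findtime` settings. It also decodes the trailing `UGFzc3dvcmQ6` token, which is just the base64 of the server's own `Password:` prompt and is not a leaked credential. The log year is assumed, since syslog timestamps carry none.

```python
import base64
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines in the same postfix/smtpd format as the post.
# 203.0.113.10 fails SASL three times in ~30 s; 198.51.100.7 fails once
# and is also rejected at HELO.
SAMPLE_LOG = """\
May 26 20:36:39 server postfix/smtpd[7233]: connect from unknown[203.0.113.10]
May 26 20:36:43 server postfix/smtpd[7233]: warning: unknown[203.0.113.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 26 20:36:43 server postfix/smtpd[7233]: disconnect from unknown[203.0.113.10]
May 26 20:37:01 server postfix/smtpd[7240]: warning: unknown[203.0.113.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 26 20:37:09 server postfix/smtpd[7241]: warning: unknown[203.0.113.10]: SASL PLAIN authentication failed: UGFzc3dvcmQ6
May 26 20:40:12 server postfix/smtpd[7300]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 26 20:52:50 server postfix/smtpd[7865]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <dsldevice.lan>: Helo command rejected: ACCESS DENIED. from=<x@x.com> to=<y@y.com> proto=ESMTP helo=<dsldevice.lan>
"""

# "warning: <host>[<ip>]: SASL <MECH> authentication failed: <token>"
SASL_FAIL = re.compile(
    r"postfix/smtpd\[\d+\]: warning: [^\s\[]+\[(?P<ip>[\d.]+)\]: "
    r"SASL \w+ authentication failed"
)
# "NOQUEUE: reject: RCPT from <host>[<ip>]: 554 ... Helo command rejected"
HELO_REJECT = re.compile(
    r"NOQUEUE: reject: RCPT from [^\s\[]+\[(?P<ip>[\d.]+)\]: 554 .*Helo command rejected"
)


def parse_ts(line, year=2016):
    """Parse the leading syslog timestamp; the year is an assumption (syslog omits it)."""
    return datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")


def count_events(log_text):
    """Return (sasl_failures_per_ip, helo_rejects_per_ip) as Counters."""
    sasl, helo = Counter(), Counter()
    for line in log_text.splitlines():
        m = SASL_FAIL.search(line)
        if m:
            sasl[m.group("ip")] += 1
            continue
        m = HELO_REJECT.search(line)
        if m:
            helo[m.group("ip")] += 1
    return sasl, helo


def offenders(log_text, maxretry=3, findtime=600):
    """IPs with >= maxretry SASL failures within any findtime-second window."""
    events = {}
    for line in log_text.splitlines():
        m = SASL_FAIL.search(line)
        if m:
            events.setdefault(m.group("ip"), []).append(parse_ts(line))
    flagged = set()
    for ip, times in events.items():
        times.sort()
        window = []  # timestamps within the last findtime seconds
        for t in times:
            window.append(t)
            while t - window[0] > timedelta(seconds=findtime):
                window.pop(0)
            if len(window) >= maxretry:
                flagged.add(ip)
                break
    return sorted(flagged)


def decode_sasl_token(token):
    """Decode the base64 tail of a SASL failure line (it is the server's prompt)."""
    return base64.b64decode(token).decode("ascii", errors="replace")


if __name__ == "__main__":
    sasl, helo = count_events(SAMPLE_LOG)
    print("SASL failures:", dict(sasl))
    print("HELO rejects :", dict(helo))
    print("would ban    :", offenders(SAMPLE_LOG))
    print("token decodes to:", repr(decode_sasl_token("UGFzc3dvcmQ6")))
```

Running it flags only 203.0.113.10 with the defaults; 198.51.100.7 has a single failure and a HELO reject, which postfix already blocked on its own. Tightening `findtime` to 10 seconds flags nothing, because the three failures are spread over about 30 seconds, which is why attackers who rotate IPs or slow their rate slip under a per-IP jail and why the per-account view (which mailbox is being tried, and which one eventually sends the spam) matters as much as the per-IP count.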