Seems account password was cracked. The only one solution is forcing all users to use strong passwords.

Please tell me any kind of tool to prevent any such connections from being made to our mail server.
This makes the postfix service down, decreasing the reputation of mail domain on barracuda and cisco tallos intelligence.

Throttling the emails ?

spamming issue is coming for new mail accounts each day.
Throttle only limits outbound sending but domain reputation is going poor.
Is there any tool to prevent hacked mail accounts sending bulk mail in a few minutes ?

Current password policy is like at least 10 characters with :
Password must contain

    at least one letter
    at least one uppercase letter
    at least one digit number
    at least one special character: #$%&'"*+-,.:;!<=>?@[]/\(){}_`~

But then also if some user accesses his/her mail account on a public cyber cafe system or anywhere outside, hi account gets compromised.

But today a new type of spamming was seen; An IP from UK hacked some accounts and tried to send 1 KB genuine subject lie mails to domain members in large amount.

It was hacked from <dyanmicip>.threembb.co.uk

The mail cannot be opened due to errors in it.

What can be done now  ?

Hi Zhang,

Is there a possibility of getting an email alert once throttle limit reached 90% ? Thus any account reaching 90% of threashold value triggers an email to an admin/admins (entered email) ?

This would be very helpful !

Yes would be good global admin(s) (or any email written in config file somewhere) could get email notification.

PS - I remember i've seen some similar discussion here in forum in 2013 , and its pity this is not implemented yet, as this is really good mechanism to catch spam sending from hacked accounts and stop it immediately before getting to lots of blacklists. (PPS I know you might offer strong passwords, but in my case passwords where stolen with keylogger malware, so if i could get warning about threshold limit - i could have reacted fast and prevent hacker form sending tons of emails.)

Hopefully maybe you can offer some kind of add-on script i could use ?

PPS- i replied to this thred on iredMail, however i have iRedMailPro version .

Getting alerts for mail id's sending out spam mails is the best way of handling alerts.

Also, if possible any way if it can be integrated with ZABBIX MONITORING TOOL, means alerts if a mail id has crossed global threshold ...

If we use EV SSL for our mail domain then how much it can guarantee against the breaching attempt as the Let's Encrypt SSL seems not so secure..