Steps in hardening your mail service :

Some of the things which can be done from WHM to harden your mail service :

=========================
From WHM Main >> Server Configuration >> Tweak Settings:
* POP3 connection limit option prevents lots of POP3 connections.
* POP3 flood prevention option.
* Prevent “nobody” from sending mail : This will ensure that PHP
scripts user the ownership of user “nobody” will not be able send any mails.
* In service manager you can find the option “antirelay” . Turn
this off so that each time POP3 connects authentication would be required.

=========================

Try to use Secure protocols and related ports

POP3S 995
IMAPS 993
SMTPS 465

These are just basics in hardening the mail system. More ones to follow……