WHM have an option to restrict users from interacting directly with remote mail servers.
This option can be accessible from the following locations in WHM.
Home >> Server Configuration >> Tweak Settings, under the Mail Tab as Restrict outgoing SMTP to root, exim, and mailman. Home >> Security Center >> SMTP Restrictions
Enabling this setting restricts outgoing email connection attempts to the mail transfer agent (MTA), the mailman system user, and the root user. Ultimately, this forces both scripts and users to use Exim's Sendmail binary, rather than directly accessing the socket. This will help to prevent the spamming.
Prior to version 11.32, this feature would simply block any attempt to connect to a remote mail server. But starting with cPanel & WHM 11.32, the software redirects the outgoing connection attempt to the local mail server.
Please note that if any applications using the above users for mailing, it will not work. This can be temporarily fixed by disabling the restriction which not the proper method. So each and every applications should configure with an smtp authentication mechanism for mailing.