My systems:
Release 7.2.6_GA_2926.UBUNTU8 UBUNTU8 FOSS edition.
Release 8.0.7.GA.6020.UBUNTU12.64 UBUNTU12_64 FOSS edition.

To clearify this. I don't search for filtering incoming spam. There are really good how to's out there and they work.
I wan't to prevent outgoing spam from my servers.
I don't want see my IPs on spamlists (especially not on google -> there is no way to get removed from their list -> wait 3 weeks and it will maybe work again -> yea really funny )

What we have done done now:
Prevent weak passwords -> set a good password policy (8 chars, 1 upper, 1 lower, 1 number, 1 special)
Prevent brood force -> fail2ban

My main problem:
A legitimate user account gets hacked in some way (bad password, opens *.pdf.exe -.- , ...)
And now the spammer sends thousands of e-mails. Maybe with spoofed from address.

Possible solutions:
limit the amount of mails a user can send (Zimbra8 -> cluebringer, Zimbra7 -> ?) -> But I'm currently not sure if this works right if the from address gets spoofed.
Limit the the from address (I have made an extra thread for this: https://www.zimbra.com/forums/admini...l-address.html)

What else are you guys doing out there to protect your servers from spammers?