I receive hundreds of failed authentications per day on one email address.

Every one seems to come from a different IP. This example shows 162.252.129.23.

Is there a way to reject these emails. Maybe limit the number of failed authentications.

Or perhaps allow only whitelisted IPs to send mail from a specified user.

I have put a limit of 5 outgoing messages an hour for that user, but that gets eaten up by the spammers quickly, then the user can't send any legit emails. Any suggestions on how to deal with this problem?

Here is an example

08:34:53 [162.252.129.23][34836979] rsp: 220 mail.myemail.com
08:34:53 [162.252.129.23][34836979] connected at 7/12/2016 8:34:53 AM
08:34:54 [162.252.129.23][34836979] cmd: EHLO mcew.com
08:34:54 [162.252.129.23][34836979] rsp: 250-mail.myemail.com Hello [162.252.129.23]250-SIZE250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
08:34:54 [162.252.129.23][34836979] cmd: AUTH LOGIN
08:34:54 [162.252.129.23][34836979] rsp: 334 VXNlcm5hbWU6
08:34:54 [162.252.129.23][34836979] Authenticating as linda@example.com
08:34:54 [162.252.129.23][34836979] rsp: 334 UGFzc3dvcmQ6
08:34:54 [162.252.129.23][34836979] rsp: 535 Authentication failed
08:34:55 [162.252.129.23][34836979] disconnected at 7/12/2016 8:34:55 AM