Well that's a tough question to answer. There's 2 sides to that coin, you could attempt to block the IP via Windows firewall rule, but whoever or whatever it is sitting on the page would just pick another IP an have at it again. You would be setting up rules all day long on the server.
Now with that said, SM does have built in security for Brute Force attempts on the webmail page. So whoever or whatever is sitting on that page is most likely attempting usernames and passwords to log into whatever account. I believe by default it's 5 or 10 attempts before the IP is blacklisted for a period of time. They will show up under Manage -> Current IDS blocks -> webmail. One of the suggestions I have is if you don't have one already, I would get a digital certificate and require https on the webmail page. That way if something is there attempting to sniff usernames and passwords, it's encrypted with the digital certificate.
As far as stopping the Anonymous, there's really no way to stop that.