By default, cPanel/WHM will allow those who have authenticated successfully via POP3 within the past 30 to login to send mail via SMTP without authentication (since they already authenticated via POP3).

To disable this behavior and thus force all your customers to use SMTP authentication, run the following command as root via SSH:

/usr/local/cpanel/bin/tailwatchd –disable=Cpanel::TailWatch::Antirelayd