Best practices for preventing and monitoring spammers or hacked files in user accounts

I was wondering if someone could point me toward a basic, newbie oriented guide to setting up cpanel/whm to not only monitor for potential spammers but also to prevent them as much as possible. Are there any recommended plugins or scripts to use to help monitor this and alert me to potential problems?

I already am running CFS and LFD and the two times I have discovered hacks it has been as a result of getting notified of localhostrelays going out from specific accounts. Other than this and setting a max number of emails per hour is there anything else I should be using or doing?