change port 25

If you block incoming traffic on port 25, your users will not be able to receive any mail. That is totally normal, expected behavior. The mail client used makes no difference. Incoming mail simply will not work.

Port 25 is how mail servers talk to each other. If you block port 25, your server (and your users) will not receive any mail.

What you are trying to do is just not going to work like you want it to work. If you block port 25, there is no way at all to tell other servers, that want to send mail to your server, to use a different port. Blocking port 25 breaks mail.

You may be misunderstanding the purpose of Exim running on an additional port (like 26). Many Internet service providers (ISPs) block their end users from sending mail on port 25, so that is why you might want Exim to listen on port 26 or even a different port. Exim on an additional port lets your users send mail to your server, so your server can relay it out to its destination. However, Exim still uses port 25 to send mail to other servers, and other servers still use port 25 to send mail to your server.

Port 25 is the port that Internet mail servers use to send mail to each other, and disabling it is not a valid way to try to handle a spam or DDOS problem. All it will do is break your mail completely.

A much better way to deal with this is to ask your hosting company what services they offer to mitigate DDOS attacks. They may be able to block the offending IP addresses at the network level, possibly even at their upstream provider. That is really the only way to approach this, instead of completely breaking mail by blocking port 25.