Hi Mustafa,
Where you found info about 'hack'?.
In the csf, you see it under "View the last 1000 iptables log lines". It gives information of everyone who attacks.
Until you got the Qmailtoaster patch out on March 10, 2014, I found myself completely safe with csf. It did not allow the spammer to make any connection with spamdyke or qmail as I could ban his IPs.
@amudy17
There is a possibility to add in the host.deny file and block many IPs, just like Mustafa suggested.
I suggest that you do not use the host.deny file. It is not very efficient and above that it does not,, or did not, work accurately.
YOUR BEST OPTION IS csf and only csf, as you are already using it. You also know in csf where and how to do that. But NOT IN KLOXO!