I assume you have a dedicated server -
1: How do I stop people from sending spam emails? Is there a way to set how many emails can be sent out in an hour? If so how do I set it? (Cpanel/whm Linux fedora)
-- Spamassasin/MailScanner/ClamAV (Or all 3). for controlling spam.
-- Get your SPF Records done, same for Domainkeys and SenderID
-- WHM Tweak Settings option will let you limit/cap the outbound emails per hour (per domain)
2: I had a firewall installed when the hacker got into my server but not BFD. Could this have been the problem? I also had somewhat of a week password. (xxxxxx##) What can I do to prevent this from happening again?
-- Install CSF Firewall or APF with antidos protection
-- Make sure WHM's security tweaks are all in place and enabled
-- Make sure server is secured or find someone (A server admin) for the same
-- Consist root passwords (or any passwords) using both upper and lower case alphabets, numbers and symbols like ($ or @).
3: How do I limit the amount of recourses an account can use?
-- WHM Reseller Settings
-- CPanel Modify Account
-- WHM - install mod security & mod bandwidth.
Hope this helps.