Ive been in this situation a few times now. A customer has an email account created, that notebook/desktop gets compromised, info stolen and that info is used to start sending out mass amount of spam.
Result is provider getting complaints and my IP getting temporarily thrown on RBL's. The solution at present is to disable to the account, clear the mailq, restart services and start cleaning up the mess.
I am running 188.8.131.52/Postfix/Postgrey and the bells and whistles on Ubuntu 12.x. Before I start going down the Postfix path, is there any solution in ISPConfig or an upcoming suggestion for this?