1. WHM -> tweak settings -> Enable Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)
2. WHM -> tweak settings -> Prevent the user "nobody" from sending out mail to remote addresses
You should use :fail: in your Default Address catchall aliases as :fail: sends a rejection notice to the sending SMTP server during the RCPT stage of the SMTP connection - these are not bounce emails to the sender as such. Things to check for in the /etc/valiases/* files:
1. Don't use :blackhole:
2. Don't use /dev/null
3. Make sure none of the email accounts on the server are over their mail quota, if they are either remove them or empty them
4. Make sure none of the cPanel accounts are over their disk quota
This usually rules out most actual bounces which the above 4 can generate.