These types of issues cannot really be solved with networking/firewall equipment like Mikrotik. Especially if you are dealing with SMTP you need to take other criteria into mind (eg. reputation). In essence SMTP is a general public service so IF you decided to run your own
public SMTP-host, you should be willing to accept any inbound connection from anywhere in the world initially, but perhaps later terminate it because it failed SMTP Authentication (like here). But the initial connection acceptance & dialog is a fact...
So we ARE talking about public SMTP right ? Or is SMTP used here in the context of end-users injecting mail that needs to be delivered further on ? (then port 25 should not be used)
However, perhaps you can do something with Mikrotik, similar like I used for other purposes. -> Have some config where you ADD remote SMTP IP's to an IP ACL if they make TOO MANY connections from the same IP in a given time-slot. (they are put on a access-list and in your firewall you have a DROP rule for TCP/25 coming from these IP's)
There is some specific config you can do ("PSD" attributes) when construction the rule and other metrics also to work on.
viewtopic.php?t=108749
Sure this will be a growing list to filter against but that will be OK. You need to evaluate it and see if it remains acceptable.
In my config here, IP's that try to make connections too frequently (which I consider scanners) are thrown onto an ACL. At any given time I have about 200 IP's listed and they remain on there for quite some time.
Such rules could make connections to your SMTP a lot lesser.
Do you have multiplex MX-records set for your domain ? Do you have an upstream ISP that is willing to accept mail for you ? (and then deliver it to you)