I suppose, the issue is not related to Premoderation queue or add-on, or the software itself. It's about server's security - if there is mass of bulk POST data coming from the same IP within few hours, the server SHOULD react on it internally. If it doesn't react, it's possible to flood it using any other software, not just miniBB. As I know, most latest Apache versions have this kind of flood protection.
I've got your suggestions. We should prevent the posting of the message itself, not build the premoderation queue some tricky way - it won't help. One of the solutions is to allow certain members (let's say new members) to not post more than X messages per day from the same IP.
Most auto spam generate a different IP each time.
I wouldn't agree with that - a unique IP-address is a rarity nowadays. Even if spammers may use different IP addresses, they would go for such move only having a highly profitable task known. Without making money, rotating IPs has no sense.
And I think, in this case there was just a "simple crime" involved - somebody INTENTIONALLY had a purpose to flood the forum, if it lasted for few hours.