Blocking outgoing spam on network

[joblo37pam]

I'm looking for an easy/cheap way to block spam from ever leaving my network.

With the uptick in virii/spyware lately, I have had quite a few spambots coming into the shop to get cleaned up. Some of them because the ISP has shut them down for sending spam. Once in a while (twice in the last month), one of these machines will get plugged into the network before it is 'really' clean and start spamming again. Luckily, I know the ISP guy that monitors this and he just calls and tells me to unplug it, but I would like to keep that traffic from ever getting out of the network.

I know I could setup an Untangle box to only allow smtp traffic from my Exchange server, but I also need to be able to allow smtp traffic to machines from time to time to test their email client configurations. Does Untangle allow for outgoing spam filtering instead of just blocking based on port 25? If not, is there anything else (preferably open source) that could do this?

Thanks for the suggestions

 

[LZ1]

Why do your client machines need port 25 out? All email should go through exchange.

Just block 25 and allow it if you need to troubleshoot.

 

[jmack_3]

My techbench is on a totally different subnet and port 25 is blocked at the firewall that handles the techbench. We only open port 25 when needed to test an outgoing email and even then only when we cant reconfigure the client to a more appropriate port for outgoing email. I'm about to go one step further and begin monitoring all traffic that comes off the techbench as we have seen some pretty smart/stealthy spambots as of late.

Joe...

 

[joblo37pam]

Why do your client machines need port 25 out? All email should go through exchange.

Just block 25 and allow it if you need to troubleshoot.

These machines don't belong to us, so our Exchange server is irrelevant, except for the fact that it still needs out on 25. These machines are relying on their ISP/host for POP3/SMTP, and we need to test that connectivity once in a while. It would be best if we didn't have to open a port every time we configured a POP3 client. A smart filter would be better, if there's one available (even if it was only so smart as to allow a maximum number of messages per IP/min or something similar)

 

[nessus]

Does Untangle allow for outgoing spam filtering instead of just blocking based on port 25?
Thanks for the suggestions

Yep, on the Spam Blocker settings in the advanced section, just check the checkbox to "Scan outbound (WAN) SMTP".

 

[joblo37pam]

Yep, on the Spam Blocker settings in the advanced section, just check the checkbox to "Scan outbound (WAN) SMTP".

Sweet. I guess I'll have to throw a machine together and give it a go.