There are a lot newer viruses around which have their own SMTP functionality! They don't use your email program's configuration or SMTP function. They have their own and it is sufficient if the firewall lets pass SMTP communication. You should immediately reconfigure the firewall to block port 25.
if you have complains about a lot of spam, the window machines combined with the open firewall port are the most likely source.
I did check all the Windows machines for viruses and worms and found none...I will block outgoing port 25 however as soon as I learn more about iptables, looking into it today. Thinking about getting a gui firewall configuration tool to get it done today but I would prefer to learn how to do things first before I get used to guis.
So far I have only had one complaint about SPAM from my ISP so it is isolated but worrysome.
mike
