I got an ASA 5505 for a client, and defined outgoing rules ahead of time so that only http/https and smtp/pop3 access were allowed out to certain servers. The install went smooth (I just followed the wizard), but RIGHT as I was leaving I noticed that ALL outbound traffic was allowed!
I literally had to leave RIGHT THEN, but the last thing I noticed was an implicit rule in my list saying that all traffic to a less secure network was allowed. I could not edit or delete this rule, so I left the client quite frustrated. I do not see this "allow all outbound traffic" rule anywhere in my exported config.
Can someone help me narrow down why outbound traffic is wide open (and how to stop it)? I can post my config later this afternoon if it would help.