Is it possible to close all of the TCP ports except TCP port 25 (SMTP)? We don't want any traffic coming in or out except for outgoing mail. Please let me know how to configure this...
Assuming your mail server is 192.168.5.1
access-list 101 permit tcp host 192.168.5.1 any eq 25
access-list 101 deny ip any any
access-list 102 permit tcp any host 192.168.5.1 established
access-list 102 deny ip any any
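! ip access-group is an interface-level command; <outside-interface> is a placeholder for the Internet-facing interface
interface <outside-interface>
 ip access-group 101 out
 ip access-group 102 in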
The above will only allow the mail server 192.168.5.1 to initiate connections to other mail servers on port 25 and for the return traffic to be allowed back in. That's it.
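
An added example, not part of the original answer: a small Python model of how ACLs 101 and 102 above are evaluated (first match wins, implicit deny at the end), run over constructed sample packets. The peer address 203.0.113.10, the second host 192.168.5.20 and the sample packets are assumptions; `established` is modelled as "ACK or RST set".

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
MAIL = ip_network("192.168.5.1/32")  # mail server address from the answer
PEER = "203.0.113.10"                # constructed remote mail server (assumption)

# Entry: (action, protocol, source, destination, dest port, established-only)
ACLS = {
    101: [("permit", "tcp", MAIL, ANY, 25, False),
          ("deny", "ip", ANY, ANY, None, False)],
    102: [("permit", "tcp", ANY, MAIL, None, True),
          ("deny", "ip", ANY, ANY, None, False)],
}

def evaluate(acl, proto, src, dst, dport=None, flags=()):
    """Return the action of the first matching entry (first match wins)."""
    for action, e_proto, e_src, e_dst, e_port, est in ACLS[acl]:
        if e_proto != "ip" and e_proto != proto:
            continue
        if ip_address(src) not in e_src or ip_address(dst) not in e_dst:
            continue
        if e_port is not None and dport != e_port:
            continue
        # `established` matches TCP segments with ACK or RST set; it is a
        # flag check on each packet, not connection tracking.
        if est and not {"ACK", "RST"} & set(flags):
            continue
        return action
    return "deny"  # implicit deny that ends every ACL

# Constructed sample packets: (label, acl, proto, src, dst, dport, flags)
SAMPLES = [
    ("mail server opens SMTP", 101, "tcp", "192.168.5.1", PEER, 25, ("SYN",)),
    ("mail server opens HTTP", 101, "tcp", "192.168.5.1", PEER, 80, ("SYN",)),
    ("other host opens SMTP", 101, "tcp", "192.168.5.20", PEER, 25, ("SYN",)),
    ("mail server DNS lookup", 101, "udp", "192.168.5.1", PEER, 53, ()),
    ("SMTP reply (SYN+ACK)", 102, "tcp", PEER, "192.168.5.1", 40000, ("SYN", "ACK")),
    ("inbound SMTP attempt", 102, "tcp", PEER, "192.168.5.1", 25, ("SYN",)),
    ("ACK, no prior session", 102, "tcp", PEER, "192.168.5.1", 40000, ("ACK",)),
]

def run_samples():
    """Map each sample label to the ACL decision."""
    return {label: evaluate(acl, *pkt) for label, acl, *pkt in SAMPLES}

if __name__ == "__main__":
    for label, action in run_samples().items():
        print(f"{action:6} {label}")
```

Two results are worth checking against your own requirements: the mail server's DNS lookup is denied by ACL 101 as written, and the last sample is permitted because `established` inspects TCP flags only.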