I have a Cisco ASA 5505 in place at a client, and I've got a PC on the network infected with a spambot sending spam. I need to block port 25 to all PC's on the network EXCEPT for the Exchange server. I created an outbound ACL rule on the outside interface to first permit SMTP traffic for my Exchange server and then created a rule to deny SMTP traffic from source ALL. This is not working, as all systems are still able to use port 25 regardless of the order the rules are listed. Am I missing something? Please help.