OS: SuSE 9.3 Pro I work with a small ISP and we are encountering with increasing frequency Windows machines which have been compromised and apparently being used as spambots based on their attempted connection to port 25 of foreign hosts instead on using our mail server for outgoing mail. With allowance for legitimate exceptions, could we simply disallow port 25 connections from within our networks to any but our mail servers? (We run all outgoing -as well as incoming- mail thru amavis/clamav/spamassassin.) Any other thoughts or links to resources? Thank you, Lucky