We've just found out our 2011 SBS Server has been sending out spam emails by their thousands. I've checked that there is no open relay in Exchange 2010 (and there isn't) and turned off all PC's on the network but the spam emails keep coming so pretty sure they are coming from the server. Have virus scanned the server and it seems clean. I've found that all the spam emails are all coming from the same external IP address.
The network is protected by a Watchguard XTM25 firewall. My question is can someone please talk a newcomer to Watchguards how to set up a way of blocking these emails coming in from that IP address on port 25?