You need a slight change to your allow rule...
To allow your mail server outbound access you need the ‘mail server’ IP address in the source IP address for the allow rule, the source port is any, the destination IP address is any, and the destination port is 25. Your mail server will likely use a ‘random’ outbound/source port, but always its own IP address, the destination will always be ‘any’ (because you don’t know what it’s connecting to), and the destination port will always be TCP port 25, since that’s the well known port that SMTP listens on.
Thats should get you working.