Hi Andrew,
just to clarify your situation - you're running some kind of a homegrown script on your colocated machine that listens on an internet port, right? You use this script for sending e-mails, right? And some spammers found how to abuse it for their needs, right?
Well, if the above is true I can recommend:
1) firewall - if you don't need to connect to your machine from the public internet, simply block all incoming traffic on the particular port. You could still allow it for any number of "trusted" addresses, e.g. to allow your other machines connect to the mailserver.
2) postfix (sendmail, exim, ...) - if you really use a script instead of a real mailserver I definitely recommend switching over to the real mailserver. Postfix is my favourite - easy to configure, fast, secure with a huge userbase.
3) disable relaying - accept incoming e-mail on your postfix server only for your own domains. Otherwise it's called "open relay" and is very soon blacklisted. E.g. my server accepts email for domains logix.cz and logix.net.nz, but would reject e-mail to snowsoft.co.nz, unless I use...
4) SMTP-AUTH - if the sender of the email is authenticated with username and password, my server agrees to receive mail for _any_ domain and tries to deliver it on behalf of the original sender. That way I have sent this e-mail to you at snowsoft.co.nz, I simply authenticated myself to my postfix mailserver and it did the rest for me.
My smtp-client.pl script is usable when you need to send e-mails from command line via your mailserver that requires SMTP-AUTH (and possibly TLS which provides encryption, so that the traffic can't be sniffed on the wire).