To be fair, the point is to confirm with the Network admins that the only outbound mail traffic is via the SMG alone.
Once this has been confirmed, then it's a matter of ensuring that you have outbound scanning enabled (which you said you have) and that the SMG is up to date.
That is the preliminary investigation in a nutshell.
Anything beyond that will require you identifying which emails you believe are spam going through your SMG, identifying which machines are generating the spam, and remediating those machine or logging a case with Symantec to investigate.