I try to prevent connections to certain ports as that will trigger an IPS I have no control over.
The blocklist documentation states ports are ignored so I cannot just do something like: 0.0.0.0/0:123

Is that a feature I cannot find or is it not supported?

Hello

if you need to block a port, this is a work for a firewall

Yeah, that's the problem. I use a SOCKS proxy so I have no control over the firewall in that case. The Intrusion Detection on the proxy will drop my connection when it sees outgoing traffic to certain ports. Otherwise I wouldn't have had the need to ask.
I know, weird setup...

You might want to set a global destination port deny, like this in MikroTik.
ip firewall filter chain=forward action=drop dst-interface=wan1 dst-ports=0-137,139,140,141 ...

In advanced firewall settings at Windows or iptables. Just remember to block by application.

Thanks for the reply but yeah, that would work if there was no socks proxy. The only connection any firewall would see is
Tixati@localip:localport -> socksserver:1080
The firewall can't block what it can't see. I wonder if there is a local packet inspector that could unwrap the socks stream and drop it before it hits the proxy.