Hello,
I have some problems on my server, when a trojan or an PHP injection get access to it because a misconfiguratior or infection the server is listed on one or more spam lists, and I think that If I close all outgoing outbound traffic except the maileneble executables and services the problem is solved (of course previusly I search and erase/desinfect the problem).
The problem is that I do not know which programs or executables have to give access on the Outgoing firewall.
If I create a rule for the port 25 and 587 the mail send are OK, but every program have access to that ports, and I want only Mailenable SMTP outgoing executables and services have access to that ports.
What are the executables and/or services I need to open on the outgoing firewall??
I see some exes in the /bin folder, but I give open the ports to that exes and the outgoing mail remains in the outgoing SMTP folder in the mailenable administrtion console.
The server is a Windows Server 2008 r2.
Thanks!!
PS: Sorry for my bad english, Im still learning... (currently 6 months of studing...)