I managed to install the SMTP server on my windows webserver 2008 in order to send emails from PHP or .NET apps running on the server. Everything works fine, but now I am concerned about security. What do I need to do in order to make my SMTP installation safe? Any special settings? There are only one or two apps on the server all written by myself for the same client, so its not a hosting enviroment or something.
Here is what I did in order to set up the SMTP server: PHP mail() on windows webserver 2008
The easiest way to make it safe is to disable via the firewall port 25 on the external interfaces, but allow port 25 on the localhost interfaces so your php script will continue to function as expect. This will mean you cannot accept mail into your machine, but according to your question, this isn't an issue.