I have seen that the IP address of my mail server has added to blocked IP address list on http://psbl.org. I am using this server for personal use. So, it is not that much of an issue that I am, as a non IT pro, handling the server.
I suspect that someone obtained the password of one of the e-mail addresses or my server got infected by a spamware. I am trying to find out if there is any sign of a spamware inside the server by using SysInternals' tools but I haven't seen anything unusual (or I don't know where and what to look).
Is there any way I can inspect the SMTP traffic of my mail server to see usual e-mails going out from my server? First, I thought that Wireshark would be a suitable tool but I am not that experienced with that tool as well.
Also, which approach should I follow to be sure that my server doesn't have a spamware?
I am on Windows Server 2008 R2.