Ports to open?

A new client called us in because their IP address had been blacklisted – turned out a laptop was infected and sending out spam. We’ve sorted out the laptop, and advised them on AV software.

Their firewall currently allows all outbound connections. I think it would be better to block all connections except for a select few (SMTP from the mailserver only for example).

What outbound ports should we leave open?