Found additional infected file error.php inside wp-includes/SimplePie/Cache for dronesouthwest.com and other domains. I deleted the infected file, cleared all cache directories added .htaccess rules to prevent recurrence.
If you start another wordpress installation, please take a look at the existing .htaccess for dronesouthwest, because you have make similar .htaccess for any new wordpress installation.
You also have to disable email alerts for updates (for wordpress and plugins; especially Wordfence plugin). This will minimize outgoing email traffic.
When spammers register for new account, WordPress already creates necessary entries in MySQL database, even if you never approve the spammer's registration. So, basically, spammers can fill up the MySQL database and bring our server down. So, please research how we can prevent this.
There is a cross scripting vulnerability in W3 Super Cache. I don't know if there is any update yet.
I will watch the mail queue again in a couple of days to make sure no site on prod.surchy.com is generating spam, before permanently starting sendmail service.