Question
My server is locked down through a firewall pretty tightly. I have opened ports 25, 110, 143 & 80 for access to the server. Do I also have to open 79 (finger), 106 (password), and 53 (dns)?
Answer
You do not need to open either 79 or 106 but we would recommend that you do open 53 for DNS, particularly outbound, but also inbound if your main DNS server is in house.
The ports referenced are these:
Port 25 INBOUND ? allows e-mail to be delivered to your server via SMTP.
Port 25 OUTBOUND ? Allows your server to post e-mail to the outside world via SMTP.
Port 110 INBOUND ? This is for the POP service. If you have people who need access to their mail account outside your company, then allow access. If everyone uses this server, you don’t need to allow access.
Port 110 OUTBOUND ? This is for the POP service. Access is not required unless people within your company are collecting email from servers outside your company.
Port 143 INBOUND ? This is for the IMAP service. If you have people who need access to their mail account outside your company, then allow access. If everyone uses this server, you don’t need to allow access.
Port 143 OUTBOUND ? This is for the IMAP service. Access is not required unless people within your company are collecting email from servers outside your company.
Port 80 INBOUND ? This is the standard web access port. You will need this open if you have a web service running on port 80.
Port 80 OUTBOUND ? This is the standard web access port. This should be open if you allow your users to access external web pages (whether through the proxy or not).
Port 79 INBOUND ? Allows access to the NTMail Finger service
Port 79 OUTBOUND – Allows access to remote finger services
Port 106 INBOUND ? Allows access to the NTMail password server from remote clients.
Port 106 OUTBOUND – Allows access to remote password servers
Port 53 INBOUND ? Allows access to your DNS server (if in existence).
Port 53 OUTBOUND ? Allows NTMail to send DNS requests to external DNS servers.
Additionally:
Port 8000 ? INBOUND – Used by the Gordano Administrative GUI
Port 9000 ? INBOUND ? Allows user access to GLWebMail
Port 8888 INBOUND – User MML port (only needed if you are using user mml files, including the sample user GUI from the Option Pack)
Port 8080 ? Proxy access. You do not need to open this at all unless you want external users to have access to the proxy server. The proxy itself goes out to collect pages on port 80, so that would need to be open outbound.
Port 443 OUTBOUND ? Needed if the users needed to access secure web pages using HTTPS (either this port or any other port you specified in the proxy settings.)
See Also:
Keywords:port SMTP POP IMAP DNS WWW HTTP FINGER Password 79 106 53 25 110 80 143 8000 8008 8080 Firewall access proxy security router