Ports: Difference between revisions
(updates to a number of mta related ports that have changed with 8 or later) |
|||
Line 17: | Line 17: | ||
These are ports typically available to mail clients. | These are ports typically available to mail clients. | ||
;25 | {| class="wikitable" style="margin-left: 5px; margin-right: auto;" | ||
!Port || Protocol || Zimbra Service || Description | |||
|- | |||
|25 || smtp || mta || incoming mail to postfix | |||
|- | |||
|80 || http || mailbox / proxy || web mail client (disabled by default in 8.0) | |||
|- | |||
|110 || pop3 || mailbox / proxy || POP3 | |||
|- | |||
|143 || imap || mailbox / proxy || IMAP | |||
|- | |||
|443 || https || mailbox / proxy - web mail client || HTTP over TLS | |||
|- | |||
|465 || smtps || mta || Incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) | |||
|- | |||
|587 || smtp || mta || Mail submission over TLS | |||
|- | |||
|993 || imaps || mailbox / proxy || IMAP over TLS | |||
|- | |||
|995 || pop3s || mailbox / proxy || POP3 over TLS | |||
|- | |||
|9071 || https || proxy admin console || HTTP over TLS (if enabled) | |||
|- | |||
|} | |||
==Internal Access== | ==Internal Access== |
Revision as of 11:17, 28 October 2015
Default Ports Used by Zimbra
- This article is a Work in Progress, and may be unfinished or missing sections.
You may choose not to allow remote connections to all of these. In a multi-node environment:
- all nodes will need access to
- the ldap server or servers (389) and
- the logger server (514)
- mta nodes will need access to lmtp on all mailbox nodes (7025)
- mailbox nodes will need admin port access to other mailbox nodes (7071)
External Access
These are ports typically available to mail clients.
Port | Protocol | Zimbra Service | Description |
---|---|---|---|
25 | smtp | mta | incoming mail to postfix |
80 | http | mailbox / proxy | web mail client (disabled by default in 8.0) |
110 | pop3 | mailbox / proxy | POP3 |
143 | imap | mailbox / proxy | IMAP |
443 | https | mailbox / proxy - web mail client | HTTP over TLS |
465 | smtps | mta | Incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) |
587 | smtp | mta | Mail submission over TLS |
993 | imaps | mailbox / proxy | IMAP over TLS |
995 | pop3s | mailbox / proxy | POP3 over TLS |
9071 | https | proxy admin console | HTTP over TLS (if enabled) |
Internal Access
These are ports typically only used by the zimbra system itself.
- 389
- ldap [ldap]
- 636
- ldaps [ldaps] - if enabled
- 7025
- lmtp [mailbox] - local mail delivery
- 7047
- http [conversion server]
- 7071
- https [mailbox] - admin console: HTTP over TLS
- 7072
- http [mailbox] - ZCS Nginx Lookup (backend http service for nginx lookup/authentication)
- 7073
- http [mailbox] - ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added: ZCS 8.7)
- 7110
- pop3 [mailbox] - Backend POP3 (if proxy configured)
- 7143
- imap [mailbox] - Backend IMAP (if proxy configured)
- 7171
- - [zmconfigd] - configuration daemon
- 7306
- mysql [mailbox]
- 7307
- mysql [logger] - logger (removed: ZCS 7)
- 7780
- http [mailbox] - spell check
- 7993
- imaps [mailbox] - Backend IMAP over TLS (if proxy configured)
- 7995
- pop3s [mailbox] - Backend POP3 over TLS (if proxy configured)
- 8080
- http [mailbox] - Backend HTTP (if proxy configured on same host, disabled by default: 8.0)
- 8443
- https [mailbox] - Backend HTTPS (if proxy configured on same host)
- 8465
- milter [mta/opendkim] - OpenDKIM milter service
- 10024
- smtp [mta/amavisd] - to amavis from postfix
- 10025
- smtp [mta/master] - (no antispam) back to postfix from amavis|opendkim
- 10026
- smtp [mta/amavisd] - "ORIGINATING" policy
- 10027
- smtp [mta/master] - postjournal
- 10028
- smtp [mta/master] - content_filter=scan via opendkim
- 10029
- smtp [mta/master] - "postfix/archive"
- 10030
- smtp [mta/master] - talks to opendkim milter, forwards to 10025|10032
- 10031
- milter [mta/cbpolicyd] - cluebringer policyd
- 10032
- smtp [mta/amavisd] - (antispam) "ORIGINATING_POST" policy
- 11211
- memcached [proxy] - nginx route lookups
System Access
- 22
- ssh
- 53
- dns
- 514
- syslogd [logger] (udp)