Difference between revisions of "Ports"
m (→External Access) |
m (→Internal Access) |
||
| Line 46: | Line 46: | ||
These are ports typically only used by the zimbra system itself. | These are ports typically only used by the zimbra system itself. | ||
| − | + | {| class="wikitable" style="margin-left || 5px| margin-right || auto|" | |
| − | + | !Port || Protocol || Zimbra Service || Description | |
| − | + | |- | |
| − | + | |389 || ldap || ldap | |
| − | + | |- | |
| − | + | |636 || ldaps || ldaps || (if enabled) | |
| − | + | |- | |
| − | + | |7025 || lmtp || mailbox || local mail delivery | |
| − | + | |- | |
| − | + | |7047 || http || conversion server | |
| − | + | |- | |
| − | + | |7071 || https || mailbox || admin console || HTTP over TLS | |
| − | + | |- | |
| − | + | |7072 || http || mailbox || ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | |
| − | + | |- | |
| − | + | |7073 || http || mailbox || ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added || ZCS 8.7) | |
| − | + | |- | |
| − | + | |7110 || pop3 || mailbox || Backend POP3 (if proxy configured) | |
| − | + | |- | |
| − | + | |7143 || imap || mailbox || Backend IMAP (if proxy configured) | |
| − | + | |- | |
| − | + | |7171 || - || zmconfigd || configuration daemon | |
| − | + | |- | |
| − | + | |7306 || mysql || mailbox || | |
| − | + | |- | |
| − | + | |7307 || mysql || logger || logger (removed in ZCS 7) | |
| − | + | |- | |
| − | + | |7780 || http || mailbox || spell check | |
| + | |- | ||
| + | |7993 || imaps || mailbox || Backend IMAP over TLS (if proxy configured) | ||
| + | |- | ||
| + | |7995 || pop3s || mailbox || Backend POP3 over TLS (if proxy configured) | ||
| + | |- | ||
| + | |8080 || http || mailbox || Backend HTTP (if proxy configured on same host, disabled by default in 8.0) | ||
| + | |- | ||
| + | |8443 || https || mailbox || Backend HTTPS (if proxy configured on same host) | ||
| + | |- | ||
| + | |8465 || milter || mta/opendkim || OpenDKIM milter service | ||
| + | |- | ||
| + | |10024 || smtp || mta/amavisd || to amavis from postfix | ||
| + | |- | ||
| + | |10025 || smtp || mta/master || (no antispam) back to postfix from amavis|opendkim | ||
| + | |- | ||
| + | |10026 || smtp || mta/amavisd || "ORIGINATING" policy | ||
| + | |- | ||
| + | |10027 || smtp || mta/master || postjournal | ||
| + | |- | ||
| + | |10028 || smtp || mta/master || content_filter=scan via opendkim | ||
| + | |- | ||
| + | |10029 || smtp || mta/master || "postfix/archive" | ||
| + | |- | ||
| + | |10030 || smtp || mta/master || talks to opendkim milter, forwards to 10025|10032 | ||
| + | |- | ||
| + | |10031 || milter || mta/cbpolicyd || cluebringer policyd | ||
| + | |- | ||
| + | |10032 || smtp || mta/amavisd || (antispam) "ORIGINATING_POST" policy | ||
| + | |- | ||
| + | |11211 || memcached || proxy || nginx route lookups | ||
| + | |} | ||
==System Access== | ==System Access== | ||
Revision as of 11:24, 28 October 2015
Default Ports Used by Zimbra
- This article is a Work in Progress, and may be unfinished or missing sections.
You may choose not to allow remote connections to all of these. In a multi-node environment:
- all nodes will need access to
- the ldap server or servers (389) and
- the logger server (514)
- mta nodes will need access to lmtp on all mailbox nodes (7025)
- mailbox nodes will need admin port access to other mailbox nodes (7071)
External Access
These are ports typically available to mail clients.
| Port | Protocol | Zimbra Service | Description |
|---|---|---|---|
| 25 | smtp | mta | incoming mail to postfix |
| 80 | http | mailbox / proxy | web mail client (disabled by default in 8.0) |
| 110 | pop3 | mailbox / proxy | POP3 |
| 143 | imap | mailbox / proxy | IMAP |
| 443 | https | mailbox / proxy - web mail client | HTTP over TLS |
| 465 | smtps | mta | Incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) |
| 587 | smtp | mta | Mail submission over TLS |
| 993 | imaps | mailbox / proxy | IMAP over TLS |
| 995 | pop3s | mailbox / proxy | POP3 over TLS |
| 9071 | https | proxy admin console | HTTP over TLS (if enabled) |
Internal Access
These are ports typically only used by the zimbra system itself.
| Port | Protocol | Zimbra Service | Description | |
|---|---|---|---|---|
| 389 | ldap | ldap | ||
| 636 | ldaps | ldaps | (if enabled) | |
| 7025 | lmtp | mailbox | local mail delivery | |
| 7047 | http | conversion server | ||
| 7071 | https | mailbox | admin console | HTTP over TLS |
| 7072 | http | mailbox | ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | |
| 7073 | http | mailbox | ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added | ZCS 8.7) |
| 7110 | pop3 | mailbox | Backend POP3 (if proxy configured) | |
| 7143 | imap | mailbox | Backend IMAP (if proxy configured) | |
| 7171 | - | zmconfigd | configuration daemon | |
| 7306 | mysql | mailbox | ||
| 7307 | mysql | logger | logger (removed in ZCS 7) | |
| 7780 | http | mailbox | spell check | |
| 7993 | imaps | mailbox | Backend IMAP over TLS (if proxy configured) | |
| 7995 | pop3s | mailbox | Backend POP3 over TLS (if proxy configured) | |
| 8080 | http | mailbox | Backend HTTP (if proxy configured on same host, disabled by default in 8.0) | |
| 8443 | https | mailbox | Backend HTTPS (if proxy configured on same host) | |
| 8465 | milter | mta/opendkim | OpenDKIM milter service | |
| 10024 | smtp | mta/amavisd | to amavis from postfix | |
| 10025 | smtp | mta/master | opendkim | |
| 10026 | smtp | mta/amavisd | "ORIGINATING" policy | |
| 10027 | smtp | mta/master | postjournal | |
| 10028 | smtp | mta/master | content_filter=scan via opendkim | |
| 10029 | smtp | mta/master | "postfix/archive" | |
| 10030 | smtp | mta/master | 10032 | |
| 10031 | milter | mta/cbpolicyd | cluebringer policyd | |
| 10032 | smtp | mta/amavisd | (antispam) "ORIGINATING_POST" policy | |
| 11211 | memcached | proxy | nginx route lookups |
System Access
- 22
- ssh
- 53
- dns
- 514
- syslogd [logger] (udp)
