Ports: Difference between revisions
Line 46: | Line 46: | ||
These are ports typically only used by the zimbra system itself. | These are ports typically only used by the zimbra system itself. | ||
{| class="wikitable" style="margin-left || 5px| margin-right || auto|" | |||
!Port || Protocol || Zimbra Service || Description | |||
|- | |||
|389 || ldap || ldap | |||
|- | |||
|636 || ldaps || ldaps || (if enabled) | |||
|- | |||
|7025 || lmtp || mailbox || local mail delivery | |||
|- | |||
|7047 || http || conversion server | |||
|- | |||
|7071 || https || mailbox || admin console || HTTP over TLS | |||
|- | |||
|7072 || http || mailbox || ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | |||
|- | |||
|7073 || http || mailbox || ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added || ZCS 8.7) | |||
|- | |||
|7110 || pop3 || mailbox || Backend POP3 (if proxy configured) | |||
|- | |||
|7143 || imap || mailbox || Backend IMAP (if proxy configured) | |||
|- | |||
|7171 || - || zmconfigd || configuration daemon | |||
|- | |||
|7306 || mysql || mailbox || | |||
|- | |||
|7307 || mysql || logger || logger (removed in ZCS 7) | |||
|- | |||
|7780 || http || mailbox || spell check | |||
|- | |||
|7993 || imaps || mailbox || Backend IMAP over TLS (if proxy configured) | |||
|- | |||
|7995 || pop3s || mailbox || Backend POP3 over TLS (if proxy configured) | |||
|- | |||
|8080 || http || mailbox || Backend HTTP (if proxy configured on same host, disabled by default in 8.0) | |||
|- | |||
|8443 || https || mailbox || Backend HTTPS (if proxy configured on same host) | |||
|- | |||
|8465 || milter || mta/opendkim || OpenDKIM milter service | |||
|- | |||
|10024 || smtp || mta/amavisd || to amavis from postfix | |||
|- | |||
|10025 || smtp || mta/master || (no antispam) back to postfix from amavis|opendkim | |||
|- | |||
|10026 || smtp || mta/amavisd || "ORIGINATING" policy | |||
|- | |||
|10027 || smtp || mta/master || postjournal | |||
|- | |||
|10028 || smtp || mta/master || content_filter=scan via opendkim | |||
|- | |||
|10029 || smtp || mta/master || "postfix/archive" | |||
|- | |||
|10030 || smtp || mta/master || talks to opendkim milter, forwards to 10025|10032 | |||
|- | |||
|10031 || milter || mta/cbpolicyd || cluebringer policyd | |||
|- | |||
|10032 || smtp || mta/amavisd || (antispam) "ORIGINATING_POST" policy | |||
|- | |||
|11211 || memcached || proxy || nginx route lookups | |||
|} | |||
==System Access== | ==System Access== |
Revision as of 11:24, 28 October 2015
Default Ports Used by Zimbra
- This article is a Work in Progress, and may be unfinished or missing sections.
You may choose not to allow remote connections to all of these. In a multi-node environment:
- all nodes will need access to
- the ldap server or servers (389) and
- the logger server (514)
- mta nodes will need access to lmtp on all mailbox nodes (7025)
- mailbox nodes will need admin port access to other mailbox nodes (7071)
External Access
These are ports typically available to mail clients.
Port | Protocol | Zimbra Service | Description |
---|---|---|---|
25 | smtp | mta | incoming mail to postfix |
80 | http | mailbox / proxy | web mail client (disabled by default in 8.0) |
110 | pop3 | mailbox / proxy | POP3 |
143 | imap | mailbox / proxy | IMAP |
443 | https | mailbox / proxy - web mail client | HTTP over TLS |
465 | smtps | mta | Incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) |
587 | smtp | mta | Mail submission over TLS |
993 | imaps | mailbox / proxy | IMAP over TLS |
995 | pop3s | mailbox / proxy | POP3 over TLS |
9071 | https | proxy admin console | HTTP over TLS (if enabled) |
Internal Access
These are ports typically only used by the zimbra system itself.
Port | Protocol | Zimbra Service | Description | |
---|---|---|---|---|
389 | ldap | ldap | ||
636 | ldaps | ldaps | (if enabled) | |
7025 | lmtp | mailbox | local mail delivery | |
7047 | http | conversion server | ||
7071 | https | mailbox | admin console | HTTP over TLS |
7072 | http | mailbox | ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | |
7073 | http | mailbox | ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added | ZCS 8.7) |
7110 | pop3 | mailbox | Backend POP3 (if proxy configured) | |
7143 | imap | mailbox | Backend IMAP (if proxy configured) | |
7171 | - | zmconfigd | configuration daemon | |
7306 | mysql | mailbox | ||
7307 | mysql | logger | logger (removed in ZCS 7) | |
7780 | http | mailbox | spell check | |
7993 | imaps | mailbox | Backend IMAP over TLS (if proxy configured) | |
7995 | pop3s | mailbox | Backend POP3 over TLS (if proxy configured) | |
8080 | http | mailbox | Backend HTTP (if proxy configured on same host, disabled by default in 8.0) | |
8443 | https | mailbox | Backend HTTPS (if proxy configured on same host) | |
8465 | milter | mta/opendkim | OpenDKIM milter service | |
10024 | smtp | mta/amavisd | to amavis from postfix | |
10025 | smtp | mta/master | opendkim | |
10026 | smtp | mta/amavisd | "ORIGINATING" policy | |
10027 | smtp | mta/master | postjournal | |
10028 | smtp | mta/master | content_filter=scan via opendkim | |
10029 | smtp | mta/master | "postfix/archive" | |
10030 | smtp | mta/master | 10032 | |
10031 | milter | mta/cbpolicyd | cluebringer policyd | |
10032 | smtp | mta/amavisd | (antispam) "ORIGINATING_POST" policy | |
11211 | memcached | proxy | nginx route lookups |
System Access
- 22
- ssh
- 53
- dns
- 514
- syslogd [logger] (udp)