Ports: Difference between revisions
No edit summary |
(updates to a number of mta related ports that have changed with 8 or later) |
||
Line 18: | Line 18: | ||
;25:smtp [mta] - incoming mail to postfix | ;25:smtp [mta] - incoming mail to postfix | ||
;80:http [mailbox] - web mail client (disabled by default: 8.0) | ;80:http [mailbox|proxy] - web mail client (disabled by default: 8.0) | ||
;110:pop3 [mailbox] | ;110:pop3 [mailbox|proxy] | ||
;143:imap [mailbox] | ;143:imap [mailbox|proxy] | ||
;443:https [mailbox] - web mail client: HTTP over TLS | ;443:https [mailbox|proxy] - web mail client: HTTP over TLS | ||
;465:smtps [mta] - incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) | ;465:smtps [mta] - incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) | ||
;587:smtp [mta] - Mail submission over TLS | ;587:smtp [mta] - Mail submission over TLS | ||
;993:imaps [mailbox] - IMAP over TLS | ;993:imaps [mailbox|proxy] - IMAP over TLS | ||
;995:pop3s [mailbox] - POP3 over TLS | ;995:pop3s [mailbox|proxy] - POP3 over TLS | ||
;9071:https [nginx => mailbox] - proxy admin console: HTTP over TLS (if enabled) | ;9071:https [nginx => mailbox] - proxy admin console: HTTP over TLS (if enabled) | ||
Line 38: | Line 38: | ||
;7071:https [mailbox] - admin console: HTTP over TLS | ;7071:https [mailbox] - admin console: HTTP over TLS | ||
;7072:http [mailbox] - ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | ;7072:http [mailbox] - ZCS Nginx Lookup (backend http service for nginx lookup/authentication) | ||
;7073:http [mailbox] - ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) | ;7073:http [mailbox] - ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added: ZCS 8.7) | ||
;7110:pop3 [mailbox] - Backend POP3 (if proxy configured) | ;7110:pop3 [mailbox] - Backend POP3 (if proxy configured) | ||
;7143:imap [mailbox] - Backend IMAP (if proxy configured) | ;7143:imap [mailbox] - Backend IMAP (if proxy configured) | ||
;7171:- [zmconfigd] - configuration daemon | |||
;7306:mysql [mailbox] | ;7306:mysql [mailbox] | ||
;7307:mysql [logger] - logger (removed: ZCS 7) | ;7307:mysql [logger] - logger (removed: ZCS 7) | ||
Line 48: | Line 49: | ||
;8080:http [mailbox] - Backend HTTP (if proxy configured on same host, disabled by default: 8.0) | ;8080:http [mailbox] - Backend HTTP (if proxy configured on same host, disabled by default: 8.0) | ||
;8443:https [mailbox] - Backend HTTPS (if proxy configured on same host) | ;8443:https [mailbox] - Backend HTTPS (if proxy configured on same host) | ||
;10024:smtp [mta] - to amavis from postfix | ;8465:milter [mta/opendkim] - OpenDKIM milter service | ||
;10025:smtp [mta] - back to postfix from amavis | ;10024:smtp [mta/amavisd] - to amavis from postfix | ||
;10025:smtp [mta/master] - (no antispam) back to postfix from amavis|opendkim | |||
;10026:smtp [mta/amavisd] - "ORIGINATING" policy | |||
;10027:smtp [mta/master] - postjournal | |||
;10028:smtp [mta/master] - content_filter=scan via opendkim | |||
;10029:smtp [mta/master] - "postfix/archive" | |||
;10030:smtp [mta/master] - talks to opendkim milter, forwards to 10025|10032 | |||
;10031:milter [mta/cbpolicyd] - cluebringer policyd | |||
;10032:smtp [mta/amavisd] - (antispam) "ORIGINATING_POST" policy | |||
;11211:memcached [proxy] - nginx route lookups | ;11211:memcached [proxy] - nginx route lookups | ||
Revision as of 18:20, 5 August 2015
Default Ports Used by Zimbra
- This article is a Work in Progress, and may be unfinished or missing sections.
You may choose not to allow remote connections to all of these. In a multi-node environment:
- all nodes will need access to
- the ldap server or servers (389) and
- the logger server (514)
- mta nodes will need access to lmtp on all mailbox nodes (7025)
- mailbox nodes will need admin port access to other mailbox nodes (7071)
External Access
These are ports typically available to mail clients.
- 25
- smtp [mta] - incoming mail to postfix
- 80
- http [mailbox|proxy] - web mail client (disabled by default: 8.0)
- 110
- pop3 [mailbox|proxy]
- 143
- imap [mailbox|proxy]
- 443
- https [mailbox|proxy] - web mail client: HTTP over TLS
- 465
- smtps [mta] - incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead)
- 587
- smtp [mta] - Mail submission over TLS
- 993
- imaps [mailbox|proxy] - IMAP over TLS
- 995
- pop3s [mailbox|proxy] - POP3 over TLS
- 9071
- https [nginx => mailbox] - proxy admin console: HTTP over TLS (if enabled)
Internal Access
These are ports typically only used by the zimbra system itself.
- 389
- ldap [ldap]
- 636
- ldaps [ldaps] - if enabled
- 7025
- lmtp [mailbox] - local mail delivery
- 7047
- http [conversion server]
- 7071
- https [mailbox] - admin console: HTTP over TLS
- 7072
- http [mailbox] - ZCS Nginx Lookup (backend http service for nginx lookup/authentication)
- 7073
- http [mailbox] - ZCS saslauthd Lookup (backend http service for SASL lookup/authentication) (added: ZCS 8.7)
- 7110
- pop3 [mailbox] - Backend POP3 (if proxy configured)
- 7143
- imap [mailbox] - Backend IMAP (if proxy configured)
- 7171
- - [zmconfigd] - configuration daemon
- 7306
- mysql [mailbox]
- 7307
- mysql [logger] - logger (removed: ZCS 7)
- 7780
- http [mailbox] - spell check
- 7993
- imaps [mailbox] - Backend IMAP over TLS (if proxy configured)
- 7995
- pop3s [mailbox] - Backend POP3 over TLS (if proxy configured)
- 8080
- http [mailbox] - Backend HTTP (if proxy configured on same host, disabled by default: 8.0)
- 8443
- https [mailbox] - Backend HTTPS (if proxy configured on same host)
- 8465
- milter [mta/opendkim] - OpenDKIM milter service
- 10024
- smtp [mta/amavisd] - to amavis from postfix
- 10025
- smtp [mta/master] - (no antispam) back to postfix from amavis|opendkim
- 10026
- smtp [mta/amavisd] - "ORIGINATING" policy
- 10027
- smtp [mta/master] - postjournal
- 10028
- smtp [mta/master] - content_filter=scan via opendkim
- 10029
- smtp [mta/master] - "postfix/archive"
- 10030
- smtp [mta/master] - talks to opendkim milter, forwards to 10025|10032
- 10031
- milter [mta/cbpolicyd] - cluebringer policyd
- 10032
- smtp [mta/amavisd] - (antispam) "ORIGINATING_POST" policy
- 11211
- memcached [proxy] - nginx route lookups
System Access
- 22
- ssh
- 53
- dns
- 514
- syslogd [logger] (udp)