 ports to open
Which ports to open depend partly on the services you offer - if you're not offering un-encrypted IMAP, for instance, don't bother opening 143.
One thing to think about, tho - if your host knows itself by it's public name (mail.whatever.com) which resolves to the public IP on the fw - make sure the fw allows connections from the private ip on the box (192.168.foo.bar) to the public IP on all the ports. (esp. ldap (389) and sql (7306/7307)) |