Results 1 to 4 of 4

Thread: FOSS and Needed Firewall Ports

  1. #1
    spectra is offline Special Member
    Join Date
    Oct 2009
    Posts
    147
    Rep Power
    5

    Default FOSS and Needed Firewall Ports

    Hey Gang,
    I use FOSS 7 Ubuntu this way.

    My zimbra receives email which I forwarded to me from my ISP.
    My zimbra sends email for me via relay thru my ISP.
    I use my webclient exclusively.
    I have full local access to the box on my local network via it's IP 192.aa.bb.cc

    The only ports I need open on my firewall to my zimbra should be what ?

    Since I use my webclient I know I need 443.
    I am uncertain about 25 and 110.

    I'm not poping email off zimbra with a client so I don't see where 110 is needed.
    I'm relaying when I send so is 25 needed ?
    What port is used for zimbra to receive the forwarded email from my ISP ?

    I'm a little crossed up on this.

    My point is that I don't want any port open on my firewall that I don't need to have open.


    2nd question
    ---------------
    Realizing that zimbra can be configured for external accounts, what ports would I need to have open then ?
    I will never have any direct poping or using zimbra to send via clients like outlook or tbird.



    thanks

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,582
    Rep Power
    57

    Default

    If you have no external access to your server for IMAP or POP then you only need ports 25 & 443 for SMTP & Webmail, if you don't have an outbound firewall then you don't need to do anything else. If you have an outbound firewall then you need port 25 & 993 for IMAPS (if you're getting mail via that port) - all the ports are detailed in the wiki: Ports - Zimbra :: Wiki
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    spectra is offline Special Member
    Join Date
    Oct 2009
    Posts
    147
    Rep Power
    5

    Default

    Yes, I saw and read that.
    Ah, I'm clear now. I don't have an outbound firewall. Anything generated inside is safe and cool and goes out on any port it wish. Yes, I run IPCop for anyone interested.

    So I need 25 because that's the port for mail to come in on from my ISP since I forward. Yeah I get it.

    443 is obviously needed since I must access the webclient.

    Yes, I will now lock up shop tighter.

    thanks

  4. #4
    Labsy is offline Elite Member
    Join Date
    Nov 2009
    Location
    Ljubljana, Slovenia
    Posts
    268
    Rep Power
    5

    Default

    There are ports I have opened (direction: inbound) on my Zimbra box. SSH and Zimbra Admin I have limited only from my office static IP. they Are all you need for proper and secure operation of your Zimbra:

    tcp 22 = SSH
    tcp 80 = HTTP
    tcp 25 = SMTP
    tcp 110 = POP3 *
    tcp 443 = HTTPS
    udp 443 = HTTPS **
    tcp 465 = SMTP over SSL
    tcp 993 = IMAP4 over SSL
    tcp 995 = POP3 over SSL
    tcp 7071 = Zimbra admin

    * Remove POP3 port 110 if you have SSL certificate and want to force users to download mail only via SSL/TLS secured chanell.

    ** I am not sure why I added UDP 443 port, but I know I did not add it by accident.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 4
    Last Post: 01-24-2011, 11:30 AM
  2. Need to backup FOSS - How
    By spectra in forum Administrators
    Replies: 2
    Last Post: 01-23-2011, 12:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •