Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page FOSS and Needed Firewall Ports

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 02-19-2011, 09:58 PM
Special Member
  
Posts: 125
Default FOSS and Needed Firewall Ports
Hey Gang,
I use FOSS 7 Ubuntu this way.

My zimbra receives email which I forwarded to me from my ISP.
My zimbra sends email for me via relay thru my ISP.
I use my webclient exclusively.
I have full local access to the box on my local network via it's IP 192.aa.bb.cc

The only ports I need open on my firewall to my zimbra should be what ?

Since I use my webclient I know I need 443.
I am uncertain about 25 and 110.

I'm not poping email off zimbra with a client so I don't see where 110 is needed.
I'm relaying when I send so is 25 needed ?
What port is used for zimbra to receive the forwarded email from my ISP ?

I'm a little crossed up on this.

My point is that I don't want any port open on my firewall that I don't need to have open.


2nd question
---------------
Realizing that zimbra can be configured for external accounts, what ports would I need to have open then ?
I will never have any direct poping or using zimbra to send via clients like outlook or tbird.



thanks
Reply With Quote
  #2 (permalink)  
Old 02-19-2011, 11:31 PM
Zimbra Consultant & Moderator
  
Posts: 20,314
Default
If you have no external access to your server for IMAP or POP then you only need ports 25 & 443 for SMTP & Webmail, if you don't have an outbound firewall then you don't need to do anything else. If you have an outbound firewall then you need port 25 & 993 for IMAPS (if you're getting mail via that port) - all the ports are detailed in the wiki: Ports - Zimbra :: Wiki
__________________
Regards


Bill
Reply With Quote
  #3 (permalink)  
Old 02-19-2011, 11:39 PM
Special Member
  
Posts: 125
Default
Yes, I saw and read that.
Ah, I'm clear now. I don't have an outbound firewall. Anything generated inside is safe and cool and goes out on any port it wish. Yes, I run IPCop for anyone interested.

So I need 25 because that's the port for mail to come in on from my ISP since I forward. Yeah I get it.

443 is obviously needed since I must access the webclient.

Yes, I will now lock up shop tighter.

thanks
Reply With Quote
  #4 (permalink)  
Old 02-20-2011, 02:03 PM
Advanced Member
  
Posts: 222
Default
There are ports I have opened (direction: inbound) on my Zimbra box. SSH and Zimbra Admin I have limited only from my office static IP. they Are all you need for proper and secure operation of your Zimbra:

tcp 22 = SSH
tcp 80 = HTTP
tcp 25 = SMTP
tcp 110 = POP3 *
tcp 443 = HTTPS
udp 443 = HTTPS **
tcp 465 = SMTP over SSL
tcp 993 = IMAP4 over SSL
tcp 995 = POP3 over SSL
tcp 7071 = Zimbra admin

* Remove POP3 port 110 if you have SSL certificate and want to force users to download mail only via SSL/TLS secured chanell.

** I am not sure why I added UDP 443 port, but I know I did not add it by accident.
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.