Difference between revisions of "Firewall Configuration"

[checked revision][unchecked revision]
Line 26: Line 26:
 
| align="center" | ANY
 
| align="center" | ANY
 
| align="center" | GTW
 
| align="center" | GTW
| Access from email servers to send emails to MailStore Gateway mailboxes.<br/>Access from email clients via SMTP needed by the SMTP proxy functionality.  
+
| Access from email servers to send emails to MailStore Gateway mailboxes.<br/>Access from email clients via SMTP needed by the SMTP proxy functionality.
 +
|-
 +
| align="center" | 80
 +
| align="center" | ANY
 +
| align="center" | GTW
 +
| Access from Let's Encrypt for challenge requests.Required for the Let's Encrypt functionality.  
 
|-
 
|-
 
| align="center" | 110
 
| align="center" | 110

Revision as of 14:42, 25 February 2022

It is highly recommended to protect any MailStore Gateway with appropriate firewall rules. This document should help with setting up the required rules.

Please note: On Windows, the installation process automatically creates an appropriate firewall rule. Therefore the below information is only applicable if other firewall solutions are used.

If MailStore Gateway computer is on a private network, refer to the manual of the router or firewall that connects the private network to the Internet to find out how to set up appropriate port forwarding rules in addition to the firewall rules described in this document.

The table below lists all TCP ports that need to be opened in the firewall when using MailStore Gateway. The following abbreviations are used in the source and target columns of that table:

  • ANY = Any computer from private or public networks
  • ADM = Computer or network used for administration
  • GTW = Computer that hosts MailStore Gateway
Port Source Target Description
25 GTW ANY Access to email servers via SMTP needed by the SMTP proxy functionality.
25 ANY GTW Access from email servers to send emails to MailStore Gateway mailboxes.
Access from email clients via SMTP needed by the SMTP proxy functionality.
80 ANY GTW Access from Let's Encrypt for challenge requests.Required for the Let's Encrypt functionality.
110 GTW ANY Access to email servers via POP3 needed by the POP3 proxy functionality.
110 ANY GTW Access from email clients via POP3 needed by the POP3 proxy functionality.
8450 ADM GTW Access to the Management Console by administrators.
465 GTW ANY Access to email servers via SMTPS needed by the SMTP proxy functionality.
465 ANY GTW Access from email clients via SMTPS needed by the SMTP proxy functionality.
587 GTW ANY Access to email servers via SMTP needed by the SMTP proxy functionality.
587 ANY GTW Access from email clients via SMTP needed by the SMTP proxy functionality.
995 GTW ANY Access to email servers via POP3S needed by the POP3 proxy functionality.
995 ANY GTW Access from email clients via POP3S needed by the POP3 proxy functionality.
995 MailStore GTW Access from MailStore Server or MailStore Service Provider Edition to retrieve emails from MailStore Gateway mailboxes.