What ports/bindings do you use for your SM install?
Question asked by Adam - 7/3/2020 at 10:12 PM
Hi all,

I'm going to revamp some of the ports & bindings for my SM server...and was wondering what ports and what security layer type (SSL or TLS) you use for each?

I had a look at KB article and also through Google - but there doesnt seem to be an absolute industry standard, but want to get as close as possible as to what all devices will work best for, so your opinions would be helpful. 

Thanks in advance!

5 Replies

Reply to Thread
Sébastien Riccio Replied
Hi, we use:

25 - SMTP (TLS)
110 - POP (TLS)
143 - IMAP (TLS)
465 - Submission (SSL)
587 - Submission (TLS)
993 - IMAP (SSL)
995 - POP (SSL)

I think this ports layout is kinda the standard ports configuration for a mail service.

Note: The TLS ports accept both clear and secure connections (explicit TLS using STARTTLS). The SSL ports accept only secure connections (implicit SSL).

Sébastien Riccio System & Network Admin https://swisscenter.com
echoDreamz Replied
I wish we could enforce TLS on certain ports. We had a law firm that complained that our server wasnt passing their security scans because 587 accepts both unauthenticated mail as well as non-TLS connections.
Sébastien Riccio Replied
Yes, echoDreamz, it would really need to have a toggle for TLS ports (not needed/irrelevant for SSL and standard ports), something like "Allow AUTH without TLS" or "Require TLS for AUTH".

Sébastien Riccio System & Network Admin https://swisscenter.com
Urs Replied
In addition to Sébastien to notice:

Open additionally those ports on server firewall if required:
80 - http
443 - https
5222 - XMPP if required
389 - LDAP if required

And as recommendation:
Use for outgoing mail a separate IP(or another Gateway-Server with switchable IP's), so in case of blacklisted server IP address you can switch to a clean IP

Ionel Aurelian Rau Replied
Can you please provide more info on port 389 (LDAP) for SmarterMail? Do clients over the Internet need to be able to access the SmarterMail server over port 389?

Reply to Thread