Mailborder servers use various ports and protocols for handling web and email traffic. The required ports and protocols are listed below for Mailborder servers to function properly.
Inbound connections to services such as SSH or web can be controlled with a firewall, but outbound connections should not be restricted as doing so will either severely degrade server performance or break it all together. For example, many spam and virus updates are requested via ports 80 and 443 TCP.
Note that an inbound connection to the Master server from each Child server is required on port 443 TCP (https) for logging and task management.
The only required inbound port is 25 for mail flow. All others can be limited to your internal network. If you plan on using Letsencrypt certificates, port 80 inbound will also need to be open for verification from Letsencrypt.
Used on or Bound to Public Interface
| Service | Port | Protocol | Network Flow |
| web | 80, 443 | TCP | Both |
| smtp | 25 | TCP | Both |
| smtps* | 465 | TCP | In |
| submission* | 587 | TCP | In |
| razor | 2703 | TCP | Out |
| dns | 53 | UDP | Out |
| PGP | 11371 | TCP |
Out |
| Pyzor | 24441 | UDP |
Out |
| NTP | 123 | UDP |
Out |
*Enabling firewall access to 465 and 587 is optional.
Bound to Loopback Interface 127.0.0.1
| Service | Port | Protocol | Purpose |
| mailborder | 10025 | TCP | milter in |
| mailborder | 10026 | TCP | milter out |
| dkim | 1255 | TCP | signing |
| dmarc | 1256 | TCP | authentication |
| spamd | 783 | TCP | spamassassin |
| searchd | 9306 | TCP | sphinx |
| mysqld | 3306 | TCP | database |
