Which TCP ports should be open/mapped for a mail server?

This FAQ is geared towards new administrators looking for guidance on a proper mail server setup.

As a best practice, your mail server should require SSL encryption for IMAP, POP and Webmail. SMTP should have SSL enabled, but not required.

A typical OS X Server mail server for a small business would have these ports open.

  • IMAP: 993
  • POP: 995 (if used)
  • Incoming SMTP: 25
  • SMTP/TLS Submission: 587
  • SMTP/SSL Submission: 465 (mainly for compatibility with older Outlook versions)
  • ScreenSharing: 5900 (if used)
  • Webmail: 80
  • Webmail/SSL: 443

Other ports, like imap/143 pop/110, ssh/22, etc should not be opened unless required.

One size does not fit all. You may need to adjust to your needs.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.