Anda dapat memilih untuk tidak mengizinkan koneksi jarak jauh ke semua port eksternal tergantung pada layanan mana yang ingin Anda sediakan. Secara umum, yang terbaik adalah bersikap seketat mungkin.
Ini adalah port yang biasanya tersedia untuk mail client.
Port | Protocol | Zimbra Service | Description |
---|---|---|---|
25 | smtp | mta | incoming mail to postfix |
80 | http | mailbox / proxy | web mail client (disabled by default in 8.0) |
110 | pop3 | mailbox / proxy | POP3 |
143 | imap | mailbox / proxy | IMAP |
443 | https | mailbox / proxy – web mail client | HTTP over TLS |
465 | smtps | mta | Incoming mail to postfix over TLS (Legacy Outlook only? If possible, use 587 instead) |
587 | smtp | mta | Mail submission over TLS |
993 | imaps | mailbox / proxy | IMAP over TLS |
995 | pop3s | mailbox / proxy | POP3 over TLS |
3443 | https | proxy | User Certificate Connection Port (optional) |
5222 | xmpp | mailbox | Default server port |
5223 | xmpp | mailbox | Default legacy SSL port |
9071 | https | proxy admin console | HTTP over TLS (optional) |
Ini adalah port yang biasanya hanya digunakan oleh sistem Zimbra itu sendiri.
Port | Protocol | Zimbra Service | Description |
---|---|---|---|
389 | ldap | ldap | LC(ldap_bind_url) |
636 | ldaps | ldaps | if enabled via LC(ldap_bind_url) |
3310 | – | mta/clamd | zimbraClamAVBindAddress |
5269 | xmpp | mailbox | Server-to-Server communications between servers on the same cluster |
7025 | lmtp | mailbox | local mail delivery; zimbraLmtpBindAddress |
7026 | milter | mailbox | zimbra-milter; zimbraMilterBindAddress |
7047 | http | conversion server | Accessed by localhost by default; binds to ‘*’ |
7071 | https | mailbox | admin console HTTP over TLS; zimbraAdminBindAddress |
7072 | http | mailbox | ZCS nginx lookup – backend http service for nginx lookup/authentication |
7073 | http | mailbox | ZCS saslauthd lookup – backend http service for SASL lookup/authentication (added in ZCS 8.7) |
7110 | pop3 | mailbox | Backend POP3 (if proxy configured); zimbraPop3BindAddress |
7143 | imap | mailbox | Backend IMAP (if proxy configured); zimbraImapBindAddress |
7171 | – | zmconfigd | configuration daemon; localhost |
7306 | mysql | mailbox | LC(mysql_bind_address); localhost |
7307 | mysql | logger | logger (removed in ZCS 7) |
7780 | http | mailbox | spell check |
7993 | imaps | mailbox | Backend IMAP over TLS (if proxy configured); zimbraImapSSLBindAddress |
7995 | pop3s | mailbox | Backend POP3 over TLS (if proxy configured); zimbraPop3SSLBindAddress |
8080 | http | mailbox | Backend HTTP (if proxy configured on same host); zimbraMailBindAddress |
8443 | https | mailbox | Backend HTTPS (if proxy configured on same host); zimbraMailSSLBindAddress |
8465 | milter | mta/opendkim | OpenDKIM milter service; localhost |
8735 | ng | mailbox | internal mailbox to mailbox communication |
8736 | ng | mailbox | distributed configuration |
10024 | smtp | mta/amavisd | to amavis from postfix; localhost |
10025 | smtp | mta/master | opendkim; localhost |
10026 | smtp | mta/amavisd | “ORIGINATING” policy; localhost |
10027 | smtp | mta/master | postjournal |
10028 | smtp | mta/master | content_filter=scan via opendkim; localhost |
10029 | smtp | mta/master | “postfix/archive”; localhost |
10030 | smtp | mta/master | 10032; localhost |
10031 | milter | mta/cbpolicyd | cluebringer policyd |
10032 | smtp | mta/amavisd | (antispam) “ORIGINATING_POST” policy |
10663 | – | logger | LC(logger_zmrrdfetch_port); localhost |
23232 | – | mta/amavisd | amavis-services / msg-forwarder (zeromq); localhost |
23233 | – | mta/amavisd | snmp-responder; localhost |
11211 | memcached | memcached | nginx route lookups, mbox cache (calendar, folders, sync, tags); zimbraMemcachedBindAddress |
Dalam lingkungan multi-node, komunikasi khas antar node yang diperlukan meliputi:
Harap diperhatikan: tabel ini adalah WORK IN PROGRESS
Destination | Source(s) | Description |
---|---|---|
ALL | ||
22 | *ALL* | SSH (system & zmrcd): host management |
udp/53 | *ALL* | DNS (system ¦ dnscache): name resolution |
Logger | ||
udp/514 | *ALL* | syslog: system and application logging |
LDAP | ||
389 | *ALL* | all nodes talk to LDAP server(s) |
MTA | ||
25 | ldap | sent email (cron jobs) |
25 | mbox | sent email (web client, cron, etc.) |
antivirus | ||
3310 | mbox | zimbraAttachmentsScanURL (not set by default) |
memcached | ||
11211 | mbox | mbox metadata data cache |
11211 | proxy | backend mailbox route cache |
Mailbox (mbox) | ||
80 | proxy | backend proxy http |
110 | proxy | backend proxy pop3 |
143 | proxy | backend proxy imap |
443 | proxy | backend proxy https |
993 | proxy | backend proxy imaps |
995 | proxy | backend proxy pop3s |
7025 | mta | all mta talk to any mbox (LMTP) |
7047 | mbox | localhost by default; zimbraConvertdURL |
7071 | mbox | all mbox talk to any mbox (Admin) |
7072 | proxy | zmlookup; zimbraReverseProxyLookupTarget |
7073 | mta | sasl auth; zimbraMtaAuthTarget (since ZCS 8.7) |
Zimbra Docs | ||
8443 | all docs + all mbox | backend https |
Sekian artikel terkait Port Default Zimbra. Jika para pembaca yang ingin mengetahui ataupun bertanya tentang SPF, Zimbra, Lisensi Zimbra, serta Professional Services untuk kebutuhan server Zimbra pembaca lebih lanjut. Silahkan hubungi kami di info@rekha.co.id atau WhatsApp ke 0851-5532-4400