On 2022-03-08 06:53, White, Daniel E. (GSFC-770.0)[NICS] wrote:
For a mail relay server running only Postfix,
I am making an educated guess that the only potentially needed open
ports would be 25, 465, 587, and 2525
25: all mail exchange is exclusively done with connections to port 25
465: submissions, authenticated mail submission using implicit TLS
(RFC 8314)
587: submission, authenticated mail submission using explicit TLS
(plaintext is possible but usually not recommended)
2525: ?
(According to
https://sectigostore.com/blog/what-is-a-secure-smtp-ssl-port-heres-what-to-know-about-smtp-security/)
The author in March 2020 was unaware of RFC 8314 from January 2018.
Re: 2525, I don't know, but I would ask what providers are using it,
and why? She mentions that it's in case of blocked port 587. But
blocking 587 makes little sense. Who is blocking 587, and why? And
if so, why would they not also be blocking 2525?
No need to open imap(s) and/or pop3(s), right ?
You might need to open some of these on your IMAP server.
--
http://rob0.nodns4.us/
