Mail Server - Opening Ports in the Linux Firewall
In the previous article we installed and configured the basics of Courier. Now we need to open the ports in our firewall so we can access those services.
There are standard ports that are used to access most services.
For example, accessing a website generally uses port 80 for normal (HTTP) web pages and port 443 for secure (HTTPS) pages.
NOTE: Though SMTP generally uses port 25 for connections, port 587 is actually the preferred port for outbound SMTP traffic due to the widespread abuse of port 25.
POP and secure POP use ports 110 and 995 respectively.
IMAP and secure IMAP use ports 143 and 993 respectively.
Following from the Cloud Server setup, we need to edit the iptables.test.rules file to allow access to those ports. We will use port 25 for SMTP at the moment. You can change it as you see fit.
1. Open the test rules file using the following command:
sudo nano /etc/iptables.test.rules
2. Just before the HTTP and HTTPS entries, add the following details:
# Allows SMTP access
-A INPUT -p tcp --dport 25 -j ACCEPT

# Allows pop and pops connections
-A INPUT -p tcp --dport 110 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT

# Allows imap and imaps connections
-A INPUT -p tcp --dport 143 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
3. Apply the new rules using the following command:
sudo iptables-restore < /etc/iptables.test.rules
4. Now check that the rules have been applied using the following command:
sudo iptables -L
This information should be in the output from the command:
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
5. Now that we have tested the rules, we need to have them applied on a permanent basis.
You will need to have full root access for the next command so use this command in order to enter the root shell:
6. Now use the following command:
iptables-save > /etc/iptables.up.rules
7. Now run this and we’re done:
This will place you back at the admin user's command prompt. Do not stay in the root shell.
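The following is an added example, not part of the original article: an offline check of a rules file that reports any mail port whose ACCEPT rule is missing or sits after a catch-all REJECT/DROP on the INPUT chain, where it would never match. The function name, the sample rules and the presence of a catch-all rule in the file are assumptions.

```shell
#!/bin/sh
# Added example: verify the mail-port rules in an iptables-restore style file.
MAIL_PORTS="25 110 995 143 993"

# Print the mail ports that have no effective ACCEPT rule on INPUT.
# iptables evaluates rules top to bottom, so an ACCEPT placed after a
# catch-all REJECT/DROP (assumed to exist in the file) is never reached.
missing_mail_ports() {
    awk -v ports="$MAIL_PORTS" '
        BEGIN { n = split(ports, want, " ") }
        /^[[:space:]]*#/ { next }              # skip comment lines
        /^-A INPUT -j (REJECT|DROP)/ { exit }  # catch-all: stop scanning
        /^-A INPUT / && /-p tcp/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++)
                if ($i == "--dport") seen[$(i + 1)] = 1
        }
        END {
            out = ""
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen)) out = out (out ? " " : "") want[i]
            print out
        }
    ' "$1"
}

# Constructed sample: the IMAP rules were appended after the catch-all.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
*filter
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allows SMTP access
-A INPUT -p tcp --dport 25 -j ACCEPT
# Allows pop and pops connections
-A INPUT -p tcp --dport 110 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT
-A INPUT -p tcp --dport 143 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
COMMIT
EOF
echo "missing or unreachable mail ports: $(missing_mail_ports "$sample")"
```

Running the function against /etc/iptables.test.rules before step 3 should print an empty list when all five rules are in place.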
Opening the default mail ports in your firewall ensures you have access to the POP, POPS, IMAP, and IMAPS services that we have configured and started in this procedure.
Now we are ready to add users and domains to our MySQL database and start using the mail server.
The next article looks at that in detail.
© 2011-2013 Rackspace US, Inc.