Firewall ports in Zimbra
One of the main weapons of modern cybercriminals is the port scanner, thanks to which they find servers that are susceptible to certain vulnerabilities and then attack them. That is why one of the main rules to ensure the cyber security of a server is a competent firewall configuration. An optimally tuned network traffic filtering…
I am confused about that statement:
your company has installed Zimbra on several servers, then you’ll have to open the following ports: 25, 80, 110, 143, 443, 465, 587, 993, 995
I have a single server and if I don't open the above ports on my router's Virtual Server, then my Zimbra server cannot receive or send any emails to the internet, so aren't those ports mandatory to open no matter the number of servers?
Can you please specify which ones are to be opened on the router's side for a secure communication?
I guess that the goal of the article is to list the ports used by Zimbra and give more details on them, so SysAdmins can properly configure their firewall to block unnecessary connections to some ports.
For instance, if you don't use POP3 or IMAP services but only Exchange ActiveSync you can close 110, 143, 993 and 995 ports, or at least block connections from the Internet to those ports.
Some firewalls also permit blocking connections from geographical areas, so maybe if you actually use IMAP(S) but your users connect only from Italy you can block connections to that ports from other countries.
I suggest checking the ports in the article and evaluate if the relative services are used and where the connections will come from, so you can configure your firewall to reduce the attack surface.
Hope this helps.