In the previous article, we installed and configure the basics of courier. Now we need to open the ports in our firewall so we can access those services.
There are standard ports that are used to access most services.
For example, accessing a website generally uses port 80 for normal (HTTP) web pages and port 443 for secure (HTTPS) pages.
Smtp generally uses port 25 for connections although there are recommendations for port 587 (see the official documentation for details).
Pop and pops
Pop and secure Pop use ports 110 and 995 respectively.
Imap and imaps
Imap and secure imap use ports 143 and 993 respectively.
Following from the Slice setup, we need to edit the iptables.test.rules files to allow access to those ports. We will use port 25 for smtp at the moment. You can change it as you see fit.
Open the test rules file:
sudo nano /etc/iptables.test.rules
Just before the HTTP and HTTPS entries add the following details:
# Allows SMTP access -A INPUT -p tcp --dport 25 -j ACCEPT # Allows pop and pops connections -A INPUT -p tcp --dport 110 -j ACCEPT -A INPUT -p tcp --dport 995 -j ACCEPT # Allows imap and imaps connections -A INPUT -p tcp --dport 143 -j ACCEPT -A INPUT -p tcp --dport 993 -j ACCEPT
Now we need to apply the new rules:
sudo iptables-restore < /etc/iptables.test.rules
Ok. Let's check the rules have been applied:
sudo iptables -L
In the output from the command should be the following information:
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT tcp -- anywhere anywhere tcp dpt:imap2 ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
Well, that seems to tie in nicely with what we want.
Now we have tested the rules, we need to have them applied on a permanent basis.
You will need to have full root access for the next command so enter this:
This will place you in the root shell.
iptables-save > /etc/iptables.up.rules
One done, type:
This will place you back at the admin users command prompt. Don't stay in the root shell.
Opening the default mail ports in our firewall has ensure we have access to the pop, pops, imap and imaps services we have configured and started.
Phew! Now we are ready to add users and domains to our MySQL database and start using the mail server.
The next article looks at that in detail.