In the previous article, we installed and configured Dovecot to accept our incoming connections to the mail server. Now we need to open the ports in our firewall so we can access those services.
There are standard ports that are used to access most services.
For example, accessing a website generally uses port 80 for normal (HTTP) web pages and port 443 for secure (HTTPS) pages.
SMTP uses port 25 by default for connections although there are recommendations for port 587 (see the official documentation for details).
POP3 and POP3s
POP3 and secure POP3 use ports 110 and 995 respectively.
IMAP and IMAPS
IMAP and secure IMAP use ports 143 and 993 respectively.
Following from the Slice setup, we need to edit the iptables configuration file to allow access to those ports. We will use port 25 for SMTP for the sake of this article. You can change it as you see fit.
Open the iptables file:
sudo nano /etc/sysconfig/iptables
Just before the HTTP and HTTPS entries add the following details:
# Allows SMTP access -A INPUT -p tcp --dport 25 -j ACCEPT # Allows pop and pops connections -A INPUT -p tcp --dport 110 -j ACCEPT -A INPUT -p tcp --dport 995 -j ACCEPT # Allows imap and imaps connections -A INPUT -p tcp --dport 143 -j ACCEPT -A INPUT -p tcp --dport 993 -j ACCEPT
Now we need to apply the new rules:
sudo /etc/init.d/iptables restart
Ok. Let's check the rules have been applied:
sudo iptables -L
The output from the command should now show the correct ports open in our firewall as follows:
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT tcp -- anywhere anywhere tcp dpt:imap ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
Great, everything looks good there.
Now that we have tested the rules, we need to apply them on a permanent basis:
sudo /etc/init.d/iptables save
Opening the default mail ports in our firewall will ensure we have access to the POP, POP3, IMAP, and IMAPS services. It will also allow our mail server to speak with our servers to send and receive mail as necessary.
Now we are ready to add users and domains so that we can start making use of all this hard work we've done.
The next article looks at that in detail.