FortiMail open ports
When operating in its default configuration, FortiMail does not accept TCP or UDP connections on any port except port1 and port2 network interfaces, which accept:
|
Incoming ports |
||
---|---|---|
Purpose |
Protocol/Port |
|
Admin by Console or PC |
SSH, Telnet, HTTP, SSH, Console |
TCP/443 or TCP/80 or TCP/22 or TCP/23 |
Email Client |
Quarantine View/Retrieve |
TCP/80 or TCP/443 or TCP/110 |
SMTP or SMTPS |
TCP/25 or TCP/465 |
|
POP3 or POP3S |
TCP/110 or TCP/995 (server mode only) |
|
IMAP or IMAPS |
TCP/143 or TCP/993 (server mode only) |
|
WebDAV and CalDAV |
TCP/8008 |
|
FortiMail |
Base port for HA heartbeat signal |
UDP/20000 |
Synchronization control |
UDP/20001 |
|
File synchronization |
TCP/20002 |
|
Data synchronization |
TCP/20003 |
|
Checksum synchronization |
TCP/20004 |
|
HA service monitoring (remote SMTP) |
TCP/25 |
|
HA service monitoring (remote HTTP) |
TCP/80 |
|
HA service monitoring (remote POP3) |
TCP/110 |
|
HA service monitoring (remote IMAP) |
TCP/143 |
|
Clear Text Central Quarantine |
TCP/514 |
|
SSL Central Quarantine |
TCP/6514 |
|
SNMP Poll |
TCP/161 |
|
Config/Firmware Push |
TCP/22 |
|
AV Push |
UDP/9443 |
|
External Email Server |
SMTP or SMTPS |
TCP/25 or 465 |
Storage: iSCI, NFS |
TCP/3260 (iSCI), TCP/2049 (NFS) |
|
Config Backup |
SFTP / FTP |
|
Mail Data Backup |
NFS, SMB/CIFS, SSH, external USB (direct connected), iSCSI |
|
Protected Email Server |
SMTP or SMTPS |
TCP/25 or 465 |
Outgoing ports |
||
---|---|---|
Purpose |
Protocol/Port |
|
OFTP |
UDP/514 |
|
SNMP Traps |
UDP/162 |
|
Reg, Config Backup, Config/Firmware Pull |
TCP/443 |
|
AS Rating |
UDP/53 or 8888, TCP/443 |
|
AV/AS Update |
TCP/443 |
|
FortiMail |
Base port for HA heartbeat signal |
UDP/20000 |
Synchronization control |
UDP/20001 |
|
File synchronization |
TCP/20002 |
|
Data synchronization |
TCP/20003 |
|
Checksum synchronization |
TCP/20004 |
|
HA service monitoring (remote SMTP) |
TCP/25 |
|
HA service monitoring (remote HTTP) |
TCP/80 |
|
HA service monitoring (remote POP3) |
TCP/110 |
|
HA service monitoring (remote IMAP) |
TCP/143 |
|
Clear Text Central Quarantine |
TCP/514 |
|
SSL Central Quarantine |
TCP/6514 |
|
External Email Server |
SMTP or SMTPS |
TCP/25 or TCP/465 |
Protected Email Server |
SMTP or SMTPS |
TCP/25 or TCP/465 |
POP3 Auth |
TCP/110 |
|
IMAP Auth |
TCP/143 |
|
Others |
Dyn DNS |
TCP/80 * |
DNS, RBL |
UDP/53 |
|
NTP |
UDP/123 |
|
Alert Email |
TCP/25 |
|
LDAP or LDAPS |
TCP/389 or TCP/636 |
|
RADIUS Auth |
TCP/1812 |
|
NAS |
TCP/21, TCP/22, TCP/2049 |
|
OCSP (for PKI user) |
TCP/80, or defined by certificate |
|
FortiSandbox / FortiSandbox Cloud |
Communication |
TCP/443, TCP/514 |
* FortiMail generates outbound traffic and sends an HTTP SYN request via TCP/80. The Fortinet RSS Feed widget provides a convenient display of the latest security advisories and discovered threats from Fortinet. Also, if an email message contains a shortened URI that redirects to another URI, it would cause FortiMail to send an HTTP SYN request to the shortened URI to get the redirected URI.
FortiMail uses the following URLs to access the FortiGuard Distribution Network (FDN):
Furthermore, FortiMail performs these queries and updates listed below using the following ports and protocols:
|