Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add documentation for outgoing ports and destinations #505

Open
Stefomat opened this issue Dec 28, 2022 · 4 comments
Open

Add documentation for outgoing ports and destinations #505

Stefomat opened this issue Dec 28, 2022 · 4 comments

Comments

@Stefomat
Copy link

Hi,

In the installation requirements there is a chapter that deals with firewalls and ports. It explains exactly which incoming ports Mailcow needs and how to check if they are free. However, outgoing ports are not covered in this chapter. Outgoing ports and destinations are only briefly touched in "Hetzner Cloud (and probably others)", as there are specialities for Hetzner.

Can we have a chapter that deals with outgoing destinations and ports during installation and operation?
E.g. for http/https towards GitHub (git clone), DNS towards root server and recursive resolution, etc.?

I think not every Mailcow instance is placed on the internet with the firewall completely open for outgoing connections.
For such installations, an overview of the required connections would be helpful.

Greetings
Stefomat

@DerLinkman
Copy link
Member

If you want to contribute that feel free to do so. Right now it's not planned to implement such information from our side.

@robertoswald
Copy link

As far as I figured out at the moment you need to allow on top of the obvious mail traffic ports, outgoing:
UDP 53,11445,11335
Else, rspamd ist taking a significant longer scan time.

@DerLinkman
Copy link
Member

DNS TCP AND UDP Port 53, Rspamd is also correct, that are the fuzzy ports for eg. fuzzy.mailcow.email

@robertoswald
Copy link

DNS TCP AND UDP Port 53, Rspamd is also correct, that are the fuzzy ports for eg. fuzzy.mailcow.email

Only UDP 53 für DNS showed up blocked in firewall log. Just for information.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants