Ports open for hardware firewall

I am configuring a new hardware firewall on the edge of my network and I have a couple of questions about which ports to open. I have the list from ufw status verbose and I have seen the info at https://mailinabox.email/guide.html#machine.

  • ufw lists port 465 as being open but the guide does not mention it. Should it be open on the firewall? I’m guessing that the port was added to the firewall after the guide was written.

  • If I host my own DNS outside (Google), do I still need to open port 53 on the firewall?

Thanks!

Yes to both.

MiaB still needs to be able to query DNS, so outbound port 53 is required at a minimum. If you close inbound port 53, expect errors on the admin status page.

Makes sense. Thanks alento!