Security groups for Mail-in-a-box on AWS

I was unable to find a list of all the ports I needed to enable in my AWS security group. After some trial and error, I am using the list below, which is working. I thought it would be helpful to post for anyone trying to set up Mail-in-a-Box on an Amazon EC2 instance:

HTTP - TCP - 80 - 0.0.0.0/0
POP3S - TCP - 995 - 0.0.0.0/0
IMAPS - TCP - 993 - 0.0.0.0/0
SSH - TCP - 22 - ipofyourcomputer
SMTP - TCP - 25 - 0.0.0.0/0
DNS (UDP) - UDP - 53 - 0.0.0.0/0
DNS (TCP) - TCP - 53 - 0.0.0.0/0
Custom TCP Rule - TCP - 587 - 0.0.0.0/0
HTTPS - TCP - 443 - 0.0.0.0/0
Custom TCP Rule - TCP - 4190 - 0.0.0.0/0

It’s actually listed in the setup guide under Firewall settings:

https://mailinabox.email/guide.html

But good to have here too for folks looking for it.

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      13536/master
tcp        0      0 127.0.0.1:10222         0.0.0.0:*               LISTEN      11507/python        
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      10978/nginx: master 
tcp        0      0 xxx.xxx.xxx.xxx:53          0.0.0.0:*               LISTEN      22749/nsd           
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      9633/named          
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1354/sshd           
tcp        0      0 127.0.0.1:8952          0.0.0.0:*               LISTEN      22749/nsd           
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      13536/master        
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      9633/named          
tcp        0      0 127.0.0.1:8891          0.0.0.0:*               LISTEN      19886/opendkim      
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      10978/nginx: master 
tcp        0      0 127.0.0.1:8893          0.0.0.0:*               LISTEN      10589/opendmarc     
tcp        0      0 0.0.0.0:4190            0.0.0.0:*               LISTEN      13600/dovecot       
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      13600/dovecot       
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      13600/dovecot       
tcp        0      0 127.0.0.1:10023         0.0.0.0:*               LISTEN      10048/postgrey --pi 
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN      11189/perl          
tcp        0      0 127.0.0.1:10026         0.0.0.0:*               LISTEN      13600/dovecot       
tcp        0    232 xxx.xxx.xxx.xxx:22          xxx.xxx.xxx.xxx:55148   ESTABLISHED 23572/sshd: xxxxxxx [p 
tcp6       0      0 :::587                  :::*                    LISTEN      13536/master        
tcp6       0      0 :::80                   :::*                    LISTEN      10978/nginx: master 
tcp6       0      0 :::4949                 :::*                    LISTEN      12027/perl          
tcp6       0      0 :::22                   :::*                    LISTEN      1354/sshd           
tcp6       0      0 ::1:8952                :::*                    LISTEN      22749/nsd           
tcp6       0      0 :::25                   :::*                    LISTEN      13536/master        
tcp6       0      0 :::443                  :::*                    LISTEN      10978/nginx: master 
tcp6       0      0 :::4190                 :::*                    LISTEN      13600/dovecot       
tcp6       0      0 :::993                  :::*                    LISTEN      13600/dovecot       
tcp6       0      0 :::995                  :::*                    LISTEN      13600/dovecot   

That’s the output of netstat -ptan, if it helps.
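An added example, not part of the original thread: a small Python check that parses `netstat -ptan` output and compares non-loopback listeners with the TCP ports from the security-group list in the first post. The sample rows are constructed in the same format, with documentation addresses (198.51.100.7, 203.0.113.9) standing in for the redacted ones; the function names are illustrative.

```python
import re

# Inbound TCP ports from the security-group list in the first post
# (UDP 53 is left out: `netstat -ptan` shows TCP sockets only).
SG_TCP_PORTS = {22, 25, 53, 80, 443, 587, 993, 995, 4190}

# Constructed sample rows in the format of the netstat output above.
SAMPLE = """\
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      13536/master
tcp        0      0 127.0.0.1:10222         0.0.0.0:*               LISTEN      11507/python
tcp        0      0 198.51.100.7:53         0.0.0.0:*               LISTEN      22749/nsd
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      9633/named
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1354/sshd
tcp        0    232 198.51.100.7:22         203.0.113.9:55148       ESTABLISHED 23572/sshd: admin [p
tcp6       0      0 :::4949                 :::*                    LISTEN      12027/perl
tcp6       0      0 ::1:8952                :::*                    LISTEN      22749/nsd
tcp6       0      0 :::993                  :::*                    LISTEN      13600/dovecot
"""

# Local address, local port, and program name of LISTEN rows only.
ROW = re.compile(r"^tcp6?\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+LISTEN\s+\d+/(.*\S)")


def exposed_listeners(netstat_text):
    """Map port -> program for LISTEN sockets not bound to loopback."""
    found = {}
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        addr, port, prog = m.group(1), int(m.group(2)), m.group(3)
        if addr.startswith("127.") or addr == "::1":
            continue  # loopback-only services are unreachable from outside
        found[port] = prog
    return found


def audit(netstat_text, sg_ports):
    """Return (listeners the group does not allow, group ports with no listener)."""
    listeners = exposed_listeners(netstat_text)
    unlisted = {p: prog for p, prog in listeners.items() if p not in sg_ports}
    unused = sorted(set(sg_ports) - set(listeners))
    return unlisted, unused


if __name__ == "__main__":
    unlisted, unused = audit(SAMPLE, SG_TCP_PORTS)
    print("listening, not in security group:", unlisted)
    print("in security group, nothing listening:", unused)
```

A listener reported as not in the group (port 4949 in the output above) is bound to all interfaces and is kept unreachable only by the security group, so it is worth confirming that is intended.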
