| Port | Protocol | Direction | Required for |
|---|---|---|---|
| 20 | FTP | In/Out | Backup & Restore, if using an FTP server located beyond the firewall. |
| 21 | FTP | In/Out | Backup & Restore and Transaction Logging, if using an FTP server located beyond the firewall. |
| 21 | FTPS (explicit) | In/Out | Backup & Restore and Transaction Logging. |
| 22 | TCP | In |
SSH access to the console. |
| 22 | SFTP | In/Out | Backup
& Restore and Transaction Logging. Also used to connect the |
| 25 | TCP | In | Inbound SMTP. |
| 25* | TCP | Out | Outbound SMTP. |
| 53 | UDP/TCP | In/Out | TRUSTmanager LiveFeed checks |
| 53 | TCP | Out |
DNS requests, if using DNS servers beyond the firewall. Only allow outbound requests to the specified DNS servers, and responses from those servers. |
| 53 | UDP | Out | |
| 80 | TCP | In | HTTP access to the PMM interface, if you are using PMM. |
| 80 | TCP | Out | HTTP access to the online help (clearswifthelp.clearswift.com) |
| 80 | TCP | Out | Access to product updates from repo.clearswift.net and rh.repo.clearswift.net |
| 80 | TCP | Out |
HTTP access to the Kaspersky and/or Sophos Update Servers for fetching anti-virus updates. Update servers: |
| 80 | TCP | Out |
HTTP access to the |
| 80 | TCP | Out |
HTTP access to the |
| 80 | TCP | Out |
HTTP access to policy rule/engine and spam update servers: http://sn12.mailshell.net http://sn60.mailshell.net http://db11spamcatcher.net http://verio.mailshell.net http://tisdk.mailshell.net http://ruledownloads.com http://rules-mailshell.co.uk http://rulesdownload.mailshell.net http://spamcatcher.net |
| 80 | TCP | Out | Clearswift Spam Detection stats from Clearswiftstat.mailshell.net |
| 80 | TCP | Out | Access to the RSS Feed from www.clearswift.com |
| 80 | TCP | Out | Access to the service availability list |
| 123 | UDP | Out | Access to NTP services, if configured. The following servers are configured by default: 0.rhel.pool.ntp.org, 1.rhel.pool.ntp.org, 2.rhel.pool.ntp.org, 3.rhel.pool.ntp.org. |
| 135 | TCP | Out | User Authentication using NTLM when using PMM in Full Mode. |
| 137 | UDP | Out | User Authentication using NTLM when using PMM in Full Mode. |
| 139 | TCP | Out | User Authentication using NTLM when using PMM in Full Mode. |
| 162 | UDP | In | SNMP alerts |
| 389 | TCP | In/Out | LDAP directory access, if you use LDAP servers beyond the firewall. |
| 389 | TCP | In/Out | LDAP Key Server Queries. |
| 443 | TCP | In/Out | Kaspersky KSN lookup (While this is using port 443, the traffic is not standard HTTP/S. Do not try to route through an SSL proxy) |
| 443 | TCP | In | HTTPS access to the |
| 443 | TCP | Out |
HTTPS access to the 86.188.240.24 213.106.99.208 46.236.38.70 |
| 443 | TCP | In/Out | HTTPS Key Server Queries. |
| 445 | TCP | Out | User Authentication using NTLM when using PMM in Full Mode. |
| 514 | TCP | Out | Central SYSLOG Server (log export). |
| 636 | TCP | In/Out | Secure LDAP/S directory access. |
| 990 | FTPS | In/Out | Backup
& Restore and Transaction Logging. Also used to connect the |
| 11371 | TCP | In/Out | HTTP Key Server Queries. |
| 3268 | TCP | Out |
LDAP connection to an active directory global catalog port, if you use LDAP servers beyond the firewall. |
| 3269 | TCP | In/Out | LDAP and SSL connection to an active directory global catalog port, if you use LDAP servers beyond the firewall. |
| 19200 | UDP | In/Out | Broadcasting of greylisting data to Peer |