| 20 |
FTP |
In/Out |
Backup & Restore if using an FTP server located beyond the firewall. |
| 21 |
FTP |
In/Out |
Backup & Restore and Transaction Logging if using an FTP server located beyond the firewall. |
| 21 |
FTPS (exp) |
In/Out |
Backup & Restore and Transaction Logging. |
| 22 |
TCP |
In |
SSH access to the console. |
| 22 |
SFTP |
Out |
Backup & Restore, and, server containing lexical data for import |
| 25 |
TCP |
In |
Inbound SMTP |
| 25 |
TCP |
Out |
Outbound SMTP. If your system uses an alternative port, open that instead. |
| 53 |
UDP/TCP |
In/Out |
TRUSTmanager LiveFeed checks |
| 53 |
UDP/TCP |
Out |
DNS requests, if using DNS servers beyond the firewall. Only allow outbound requests to the specified DNS servers, and responses from those servers. |
| 80 |
TCP |
In |
HTTP access to the PMM interface (if using PMM) |
| 80 |
TCP |
Out |
HTTP access to the Clearswift Junk Email and Malware Detection Servers |
| 80 |
TCP |
Out |
HTTP access to the policy rule/engine and spam update servers |
| 80 |
TCP |
Out |
Clearswift Spam Detection stats from:
clearswiftstat.mailshell.net
|
| 80 |
TCP |
Out |
Access to SpamLogic Rule/Engine updates:
sn12.mailshell.net
db11.spamcatcher.net
verio.mailshell.net
ruledownloads.mailshell.net
tisdk.mailshell.net
|
| 80 |
TCP |
Out |
HTTP access to Secure Email Gateway online help |
| 80 |
TCP |
Out |
Access to the Service Availability List:
services1.clearswift.net
services2.clearswift.net
services3.clearswift.net
|
| 80 |
TCP |
Out |
Access to the RSS Feed from:
www.clearswift.com
|
| 123 |
UDP |
In/Out |
Access to NTP services, if configured. The following servers are configured by default:
0.rhel.pool.ntp.org
1.rhel.pool.ntp.org
2.rhel.pool.ntp.org
3.rhel.pool.ntp.org
|
| 135 |
TCP |
Out |
User authentication using NTLM (when using PMM in Full Mode) |
| 137 |
UDP |
Out |
User authentication using NTLM (when using PMM in Full Mode) |
| 139 |
TCP |
Out |
User authentication using NTLM (when using PMM in Full Mode) |
| 161 |
UDP |
Out |
SNMP inbound: the port used by an SNMP browser when scanning Secure Email Gateway |
| 162 |
UDP |
Out |
SNMP alerts |
| 389 |
TCP |
In/Out |
LDAP directory access (if you use LDAP servers beyond the firewall) |
| 389 |
TCP |
In/Out |
LDAP Key Server Queries |
| 443 |
TCP |
In/Out |
HTTPS Key Server Queries |
| 443 |
TCP
|
In/Out |
HTTPS access to Clearswift Secure Email Gateway web interface and for communications between Peer Gateways |
| 443 |
TCP |
Out |
HTTPS access to the Clearswift Update Server for TRUSTmanager statistics. |
| 443 |
TCP |
Out |
HTTPS MTA-STS policy file queries |
| 443 |
TCP |
Out |
HTTPS access to the Clearswift Update Server for license management and handling Managed Lexical Expression Lists:
applianceupdate.clearswift.com
|
| 443 |
TCP |
Out |
Access to Clearswift product and Operating System updates:
products.clearswift.net
rh7-repo.clearswift.net
|
| 443 |
TCP |
Out |
HTTPS access to the Sophos or Avira Update Servers for fetching anti-virus updates and software upgrades.
Sophos update servers:
sav-update-1.clearswift.net
sav-update-2.clearswift.net
sav-update-3.clearswift.net
sav-update-4.clearswift.net
sav-update-5.clearswift.net
sav-update-6.clearswift.net
Avira update servers:
aav-update-1.clearswift.net
aav-update-2.clearswift.net
aav-update-3.clearswift.net
aav-update-4.clearswift.net
aav-update-5.clearswift.net
aav-update-6.clearswift.net
*.apc.avira.com
|
| 443 |
TCP |
Out |
HTTPS access to Sophos Sandboxing Server (port is used for sending potential malware for scanning, and this traffic must not be blocked):
analysis.sophos.com
apac.analysis.sophos.com
au.analysis.sophos.com
de.analysis.sophos.com
uk.analysis.sophos.com
us.analysis.sophos.com
|
| 443 |
HTTP/S |
Out |
Access to Sophos URL Lookup Server:
t4.sophosxl.net
|
| 443 |
TCP |
Out |
Access to the SpamAssassin ruleset database:
spamassassin.clearswift.net
|
| 443 |
TCP |
Out |
Access to the PhishTank URL database:
phishtank.clearswift.net
|
| 445 |
TCP |
Out |
User authentication using NTLM (when using PMM in Full Mode) |
| 514 |
TCP |
Out |
Access to the central SYSLOG server (log export) |
| 636 |
TCP |
In/Out |
Secure LDAP/S directory access |
| 990 |
FTPS |
In/Out |
Backup & Restore and Transaction Logging.Also used to connect Clearswift Secure Email Gateway with your server containing lexical data for import. |
| 3268 |
TCP |
Out |
LDAP connection to an active directory global catalog port (if you are using LDAP servers beyond the firewall) |
| 3269 |
TCP |
In/Out |
LDAP and SSL connection to an active directory global catalog port (if you are using LDAP servers beyond the firewall) |
| 9090 |
TCP |
In/Out |
Connection to Red Hat Cockpit |
| 11371 |
TCP |
In/Out |
HTTPS Key Server Queries |
| 19200 |
UDP |
In/Out |
Broadcasting of greylisting data to Peer Gateways |