Communication port management for Exchange servers

Source: Internet
Author: User

In this article, I'll introduce the communication ports used by the various components of Microsoft Exchange Server, so that you know which ports can be closed and which must remain open for better security.

Exchange System Attendant

Exchange System Attendant is one of the most difficult Exchange components to plan for. It primarily uses inbound TCP port 135, and it also uses some random ports assigned through the RPC (Remote Procedure Call) endpoint mapper service (Exchange System Attendant does not initiate any outbound connections). These random ports are numbered above 1024, but the port numbers may change each time System Attendant starts. If you are using RPC over HTTP (remote procedure calls carried over the HTTP protocol), then TCP ports 6002 to 6004 can also be used for inbound traffic.

Information Store

The Exchange Information Store receives inbound traffic on TCP port 135. If RPC over HTTP is used, TCP port 6001 can also be used for inbound traffic. The Information Store uses outbound traffic to send new mail notifications to clients. By default, each Outlook client receives new mail notifications on a random UDP port. These random UDP ports are not used by clients that access the server via RPC over HTTP; those clients instead poll the server directly (connecting to the host to check for e-mail messages).

Message Transfer Agent (MTA)

The Message Transfer Agent (MTA) is used for communication with Exchange 5.5 servers and with servers that communicate only through the X.400 protocol. The MTA carries RPC-based traffic on TCP port 135. X.400 communication is performed on TCP port 102.

SMTP (Simple Mail Transfer Protocol)

SMTP is one of the core components of Exchange Server, and SMTP traffic must not be blocked. SMTP traffic uses TCP port 25.

Microsoft Exchange Routing Engine

The routing engine is a little-known Exchange feature that uses a single port. In your Exchange system, the routing engine sends traffic between the various servers and uses TCP port 691.

World Wide Web Publishing Service

Technically, the World Wide Web Publishing Service is not part of Exchange but of IIS (Internet Information Services, a group of Internet servers that includes a Hypertext Transfer Protocol server and a File Transfer Protocol server). However, this service provides the core functionality of OWA (Outlook Web Access). If the server is acting as an OWA front-end server, the WWW Publishing Service uses TCP ports 80 and 443 (SSL). The only case in which it sends outbound traffic, on port 80, is front-end to back-end server communication.

POP3 (Post Office Protocol 3)

Exchange Server 2003 disables POP3 by default, unless the server has been upgraded from a previous version of Exchange. If your server is using POP3, it listens for inbound traffic on TCP ports 110 and 995 (SSL). Typically, POP3 does not send outbound traffic. However, if POP3 is used for front-end communication with back-end servers, outbound traffic is sent on TCP port 110.

IMAP4 (Internet Message Access Protocol 4)

Like POP3, IMAP4 is disabled by default in Exchange Server unless the server is upgraded to version 2003. IMAP4 uses TCP ports 143 and 993 (SSL) for inbound communication. It sends outbound traffic only in a front-end/back-end server configuration, in which case TCP port 443 is used.

NNTP (Network News Transfer Protocol)

NNTP is also disabled by default unless the server is upgraded to Exchange Server 2003. NNTP uses TCP ports 119 and 563 (SSL) for inbound communication; these ports can also be used for outbound communication if the server is configured to push information to other NNTP servers.

Site Replication Service

The Site Replication Service is an RPC-based service. As you would expect, this service primarily uses TCP port 135 for inbound and outbound traffic, although it sometimes uses additional random TCP ports for outbound communication. Inbound traffic also uses TCP port 379.

Active Directory Connector

The Active Directory Connector generates outbound traffic only, on TCP ports 379 and 389.

Exchange Management

Exchange Management is not a built-in Exchange service; it is actually a generic term for all WMI-based Exchange Server management tools. One good example of such a tool is Microsoft Operations Manager (MOM). WMI-based tools use RPC, with inbound traffic on TCP port 135 and other random UDP ports.
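As an added example (not part of the original article), the Python sketch below turns the port list above into a listener audit: given the components enabled on a server and the TCP ports observed listening, it flags documented Exchange ports whose component is not enabled. The component keys, function name and sample listener list are constructed for illustration.

```python
# Fixed TCP ports per component, transcribed from the article above.
# The dictionary keys are names chosen for this sketch.
FIXED_TCP = {
    "system_attendant": {135},
    "rpc_over_http": {6001, 6002, 6003, 6004},
    "information_store": {135},
    "mta": {135, 102},
    "smtp": {25},
    "routing_engine": {691},
    "owa": {80, 443},
    "pop3": {110, 995},
    "imap4": {143, 993},
    "nntp": {119, 563},
    "site_replication": {135, 379},
    "exchange_management": {135},
}
# Per the article, System Attendant also listens on random RPC ports above 1024.
DYNAMIC_RPC = {"system_attendant"}


def audit_listeners(enabled, listening):
    """Classify observed listening TCP ports against the enabled components."""
    bad = set(enabled) - FIXED_TCP.keys()
    if bad:
        raise ValueError(f"unknown components: {sorted(bad)}")
    expected = set().union(*(FIXED_TCP[c] for c in enabled))
    documented = set().union(*FIXED_TCP.values())
    rpc_ok = bool(DYNAMIC_RPC & set(enabled))
    report = {"should_be_closed": [], "dynamic_rpc": [], "unexplained": []}
    for port in sorted(set(listening)):
        if port in expected:
            continue
        if port in documented:        # Exchange port of a component not in use
            report["should_be_closed"].append(port)
        elif port > 1024 and rpc_ok:  # plausible RPC dynamic port, verify owner
            report["dynamic_rpc"].append(port)
        else:
            report["unexplained"].append(port)
    report["not_listening"] = sorted(expected - set(listening))
    return report


# Constructed sample: a front-end style server with POP3 and NNTP left running.
SAMPLE_ENABLED = ["system_attendant", "information_store", "smtp",
                  "routing_engine", "owa"]
SAMPLE_LISTENING = [21, 25, 80, 110, 119, 135, 443, 1049]

if __name__ == "__main__":
    print(audit_listeners(SAMPLE_ENABLED, SAMPLE_LISTENING))
```

Ports reported under `dynamic_rpc` are only consistent with the random RPC range; confirm the owning process before allowing them through a firewall.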


