What ports must be excluded from blocking in iptables in order to my Virtualmin setup to function properly? I know I should keep open 10000, 20000. What else?
I am asking this, because I configured simple forward setup for all the incoming mails in Filter and Forward Mail in Usermin, but unfortunately no mail is forwarded, so I thought maybe my mail is being blocked by apf, which is installed on my server.
On the other hand it works with no issue if I compose and send mail form the same box, so outbound port for sending e-mails should be working. Then why forwarding does nto work?
Port# 25 indeed was blocked by apf. On the other hand, the problem was not only in blocked port. If someone encounter the same problem, please also read instructions on http://www.virtualmin.com/node/14004#comment-62463.
I’d like to also share with other users configuring APF for the first time with different port definition. Please add/correct/comment the following list of ports:
# Ingress (inbound) ports:
#
# 21 FTP
# 22 SSH
# 25 SMTP
# 53 DNS - Domain Name Server
# 80 HTTP
# 110 POP3
# 143 IMAP
# 443 HTTPS
# 953 BIND ??
# 993 imap4 protocol over TLS/SSL
# 995 pop3 protocol over TLS/SSL (was spop3)
# 2082 CPANEL (http://sitename.com:2082)
# 2083 CPANEL SSL (https://sitename.com:2083)
# 2084 entropychat server (also disable this from the CPANEL service manager if not used)
# 2086 WHM (http://sitename.com:2086)
# 2087 WHM SSL (https://sitename.com:2087)
# 2095 WebMail (http://sitename.com:2095)
# 2096 WebMail SSL (https://sitename.com:2096)
# 3306 mySQL remote access
# 6277 SpamAssassin / DCC (email scanning)
# 6666 Melange chat Server (also disable this from the CPANEL service manager if not used)
Egress (outbound) ports:
21 FTP
25 SMTP
37 Required for CPANEL Licensing
43 WHOIS
53 DNS - Domain Name Server
80 HTTP
110 POP3 (if you have scripts that need to retrieve email via POP, e.g. HelpDesk)