FortiManager Open Ports FortiGuard Open Ports FortiAnalyzer Open Ports FortiManager Open Ports FortiGuard Open Ports

FortiMail Open Ports

note icon

When operating in its default configuration, FortiMail does not accept TCP or UDP connections on any port except port1 and port2 network interfaces, which accept:

  • ICMP pings,
  • HTTPS connections on TCP port 443,
  • and SSH connections on TCP port 22.
  Incoming Ports
  Purpose Protocol/Port
Admin by Console or PC TCP/443 or TCP/80 or TCP/22 or TCP/23
Email Client Quarantine View/Retrieve TCP/80 or TCP/443 or TCP/110
SMTP or SMTPS TCP/25 or TCP/465
POP3 or POP3S TCP/110 or TCP/995 (server mode only)
IMAP or IMAPS TCP/143 or TCP/993 (server mode only)
FortiManager Config/Firmware Push TCP/22
SNMP Poll TCP/161
FortiGuard AV Push UDP/9443
External Email Server SMTP or SMTPS TCP/25 or 465
Protected Email Server SMTP or SMTPS TCP/25 or 465

 

  Outgoing Ports
  Purpose Protocol/Port
FortiAnalyzer Syslog UDP/514
FortiManager Reg, Config Backup, Config/Firmware Pull TCP/443
SNMP Traps UDP/162
FortiGuard AS Rating UDP/53
AV/AS Update TCP/443
External Email Server SMTP or SMTPS TCP/25 or TCP/465
Protected Email Server SMTP or SMTPS TCP/25 or TCP/465
POP3 Auth TCP/110
IMAP Auth TCP/143
Others Dyn DNS TCP/80 etc.
DNS, RBL UDP/53
NTP UDP/123
Alert Email TCP/25
LDAP or LDAPS TCP/389 or TCP/636
RADIUS Auth TCP/1812
NAS TCP/21, TCP/22, TCP/2049
FortiSandbox Community Cloud Communication TCP/443, TCP/514
note icon

Note that FortiMail uses the following URLs to access the FortiGuard Distribution Network (FDN):

  • update.fortiguard.net
  • service.fortiguard.net
  • support.fortinet.com

Furthermore, FortiMail performs these queries and updates listed below using the following ports and protocols:

  • FortiGuard Antispam rating queries: UDP 53, 8888, 8889
  • FortiGuard AntiVirus Push updates: UDP 9443
  • FortiGuard Antispam or AntiVirus updates: TCP 443