Microsoft Exchange TCP/IP Allow Services and Ports

It is enough to open the following Ports on your Firewall according to the usage requirement.

Port	Function
-TCP port 25 - SMTP
-TCP port 26 - SSL secured SMTP
-TCP port 110 - Post Office Protocol v. 3 (POP3)
-TCP port 995 - SSL secured POP3
-TCP port 143 - Internet Message Access Protocol v. 4 (IMAP4)
-TCP port 993 - SSL secured IMAP4
-TCP port 80 - HTTP for Outlook Web Access
-TCP port 443 - SSL secured HTTP for Outlook Web Access (HTTPS)
-TCP/UDP port 389 - Lightweight Directory Access Protocol (LDAP)
-TCP port 3268 - LDAP communications with an Active Directory Global Catalog Server
-TCP port 119 - Network News Transfer Protocol (NNTP)
-TCP port 563 - SSL secured NNTP
-TCP port 135 - Remote Procedure Protocol (RPC) however it will also use ports 1024 and up as needed.
-TCP/UDP port 53 - Domain Name System (DNS)
-TCP port 102 - Mail Transfer Agent (MTA) *Only used in X.400 connections.
-TCP/UDP port 88 - KERBEROS
- Additionally if you
are secureing any servers such as front-end / back-end servers with
IPSEC you will need to allow IP protocol 51 for the Authenitcation
Header, IP protocol 50, TCP/UDP port 88 for KERBEROS, and UDP port 500
for Key Exchanges.


Port	Function
25	SMTP
53	DNS
80	http
88	Kerberos
110	POP3
135	EPMAP
143	IMAP
389	LDAP
443	HTTPS
587	SMTP
993	IMAPS
995	POP3S
3268	Microsoft Global Catalog
3343	MS Cluster Net
5060	SIP
5061	SIP (over TLS)
5062	Localisation access
5075	Skype for Business Server Call Park service
5076	Skype for Business Server Audio Test service
50636	EdgeSync synchronization
64327	DAG replication

Saygılarımla. – Best regards.