skip to Main Content

Exchange 2016 firewall ports for mail flow and clients

Are you following the topic Exchange Server 2016? If you are, you do know that we first have to configure Exchange 2016 firewall ports for mail flow and clients. After that, we can start testing sending and receiving emails. In this article, you will learn about Exchange firewall ports requirements. Let’s get into the Exchange firewall configuration.

Configure Exchange 2016 firewall ports

It’s important to open the following three firewall ports for mail flow and clients. It will enable the Exchange server to communicate with other mail servers outside your organization.

In our example, the IP 192.168.1.52 is the Exchange Server.

An architecture view of the Exchange 2016 namespace is shown below in the diagram.

Test firewall ports

Verify the above three firewall rules after configuring them. If you followed the article configure External DNS Exchange 2016, you already have the public IP of your Exchange Server. If you want to get the public IP with PowerShell, log in to Exchange Server. Run PowerShell as administrator.

Test both ports 443 and 25 against the public IP, this is for incoming connections. Test port 25 against the Exchange Server, this is for outgoing connections. If it shows the TCP Test Succeeded value as True, you’re good to go. If not, check the firewall ports. Make use of the Test-NetConnection cmdlet.

You can check if port 443 and port 25 are open against the public IP with open port check tool. Fill in the public IP and the port numbers. It will scan if the ports are open.

Port 443 is open on public IP.

Port 25 is open on Public IP.

Do you like to know more about the Exchange firewall requirements? Read more in the next parts.

Exchange 2016 firewall ports for clients

To get clients working with Exchange, it’s very important to open port 443 on the firewall. This is only for inbound. Have a look at the image below. The arrows are only going from the Internet -> On-premises Exchange 2016 environment.

Exchange 2016 firewall ports for clients architect

*IMAP4 is disabled by default.
**POP3 is disabled by default.

Exchange 2016 firewall ports for mail flow

To get mail flow working with Exchange, it’s very important to open port 25 on the firewall. This is for both inbound and outbound. Have a look at the image below. The arrows are going from the Internet <-> On-premises Exchange 2016 environment.

Exchange 2016 firewall ports for mail flow architect

Conclusion

To sum it up, you learned which Exchange 2016 firewall ports for mail flow and clients need to be configured. The Exchange firewall configuration is important, otherwise you can’t send and receive email. Enable the ports on the firewall and test if the ports are open as shown in the article. Did you enjoy this article? You may also like to read Create bulk mailboxes in Exchange 2016 with PowerShell. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Connect with ALI TAJRAN on social media. Read more »

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top