Trustwave Becomes First Pure-Play MDR Provider to Attain FedRAMP Authorization. Learn More

Submit RFP
Contact Us
Login

Fusion Platform Login

What is the Trustwave Fusion Platform?

Support Download/Forum Login

MailMarshal Cloud Login
Incident Response
Experiencing a security breach?

Get access to immediate incident response assistance.

24 HOUR HOTLINES
AMERICAS +1 855 438 4305

EMEA +44 8081687370

AUSTRALIA +61 1300901211

SINGAPORE +65 68175019

Recommended Actions

Submit RFP
Contact Us
Login

login

Fusion Platform Login

What is the Trustwave Fusion Platform?

Support Download/Forum Login

MailMarshal Cloud Login
Incident Response
Incident Response
Experiencing a security breach?

Get access to immediate incident response assistance.

24 HOUR HOTLINES
AMERICAS +1 855 438 4305

EMEA +44 8081687370

AUSTRALIA +61 1300901211

SINGAPORE +65 68175019

Recommended Actions

Trustwave Becomes First Pure-Play MDR Provider to Attain FedRAMP Authorization. Learn More

Request a Demo

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services

BY INDUSTRY

BY REGULATION

BY TOPIC

Microsoft Security

Unlock the full power of Microsoft Security

Offensive Security

Solutions to maximize your security ROI

Rapidly Secure New Environments

Security for rapid response situations

Securing the Cloud

Safely navigate and stay protected

Securing the IoT Landscape

Test, monitor and secure network objects

About Us

We reduce cyber risk and fortify organizations

Awards and Accolades

Recognition by analysts and media outlets

Trustwave SpiderLabs Team

Global researchers, ethical hackers, and responders

Trustwave Fusion Security Operations Platform

Unprecedented security visibility and control

Trustwave Security Colony

Access to cybersecurity threat protection resources

Microsoft Security

Unlock the full power of Microsoft Security

Trustwave PartnerOne Program

Join forces with Trustwave to protect against the most advance cybersecurity threats

BLOGS

UPCOMING

MEDIA & ASSETS

NOTICES

HELP

Trustwave Knowledge Base

KB Home Search Latest Additions Most Popular

Knowledgebase

Home » Knowledgebase » Trustwave MailMarshal (SEG) » INFO: What ports need to be open in my firewall for MailMarshal...

INFO: What ports need to be open in my firewall for MailMarshal SMTP?

Show/Hide Article Tools

This article applies to:

Trustwave MailMarshal (SEG)

Question:

What ports need to be open in my firewall for MailMarshal SMTP?

Information:

For latest information, always review the Release Notes and User Guide for your installed version of the product.

The table below details the various ports used by Trustwave MailMarshal (SEG):

Port	Direction	Source	Destination	Required for Versions	Explanation
tcp/25	Both	Mail Processing Nodes	All	All	MailMarshal SMTP must be able to send and receive data on port 25 for SMTP communications to the outside world.
udp/53 tcp/53	Outbound	All MailMarshal SMTP Components	DNS servers specified in MailMarshal SMTP configuration	All	MailMarshal SMTP uses port 53 to query DNS servers during PTR checking, blocklist lookups, authentication, and when sending email to an external recipient.
tcp/80 tcp/443	Outbound	Array Manager	www.marshal.com	All	The automatic updates feature connects to www.marshal.com periodically to download new SpamCensor updates (and occasionally updates to other functionality, depending on version) using HTTP and HTTPS.
tcp/80 tcp/443	Outbound	Node Controller Receiver Engine	Any	6.5 and above	Various functions of the MailMarshal processing node require HTTP and HTTPS access. IP addresses and URLS are not limited to a known set. Notably for use of TLS (version 7.1 and above) the Controller must be able to access Certificate Revocation Lists that could be published at any valid URL.
tcp/443	Incoming	Workstations/Browsers used to configure and manage SEG	Management Console website (Array Manager server)	10.X and above	MailMarshal (SEG) 10 introduces a web management interface in place of the Configurator and Console. Carefully consider access to this interface (intranet only, extranet, or potentially Internet).
tcp/110	Incoming	All	Mail Processing Nodes (POP3 only)	All	If the MailMarshal POP3 server is being used, incoming access to port 110 is required for clients to retrieve their mail.
tcp/389	Outgoing	Array Manager	Active Directory Domain Controllers/LDAP Servers	All	Outbound access to port 389 is required if MailMarshal retrieves groups from Active Directory or another LDAP server, if Active Directory is used for SMTP AUTH, or if email addresses are retrieved automatically from AD for the Spam Quarantine Management website.
tcp/1433	Outgoing	Array Manager	SQL Server	All	Outbound access to port 1433 on the SQL server is mandatory.
tcp/19001	Incoming	Controller MailMarshal Configurator (8.X and below) MailMarshal Console (8.X and below) MailMarshal Web Components	Array Manager	All	The Controller must be able to contact the Array Manager to receive configuration updates, service commands, etc. The Configurator, Console, and Web Components must talk to the Controller or Array Manager (depending on version) in order to function. Note: The Array Manager should be installed in the trusted network. Connection from the Configurator to the Array Manager requires NetBIOS ports (135-139) and Trustwave recommends you DO NOT open these ports through your firewall. See Trustwave Knowledgebase article Q10026.
tcp/19001	Incoming	Array Manager	Controller	All	The Array Manager must be able to contact the Controller server to check node status, and various other administrative tasks.
tcp/19006 (https)	Incoming	Array Manager	REST API clients	8.X and above	If you use the SEG REST API to manage SEG, this is the required port for client connections.

This article was previously published as:: NETIQKB36130

To contact Trustwave about this article or to request support:

Create a case through the support portal (U.S. Government customers, use the TGS support portal).
Call us on a local phone number.

Rate this Article:

Tags:

NETIQKB36130


	Q11360 INFO: What ports need to be open in my firewall for the McAfee for Marshal Virus Scanner?
	Q11906 INFO: What ports need to be open in my firewall for Sophos for Marshal?