If you will use the following capabilities, you will need to change your firewall and/or router to send requests from the Internet to the server's external IP address:

• Receive email directly from other hosts on the Internet:  TCP port 25
• Access your filed emails using secure IMAP over SSL from a remote location: TCP port 993
• Public web pages with http: TCP port 80
• Public web pages with https: TCP port 443

The server fully supports POP3 on port 110 (not secure) and POP3 over SSL on port 995 (is secure) . We encourage you to use secure IMAP over SSL for remote email retrieval.

If you will not be using or allowing any of these services from the Internet, then do not allow any inbound connections. If there are no inbound connections allowed your server security will be greatly improved.

If your firewall restricts outbound traffic from the server's external IP address, please contact ONS Customer Support for further information on what ports must be allowed outbound. 

Security Note: You should never configure your router/firewall to allow traffic from the Internet to go to the server's internal IP address. You should always block all traffic from the server's internal IP address to the Internet.

Security Note: We strongly recommend that you not allow FTP connections from the Internet.  Even using it from the trusted  network should be avoided. FTP is a serious security threat since it can easily expose account names and passwords to the Internet. If you plan to allow FTP to or from the Internet, please contact us so that we can discuss alternatives.