FirstClass & DoubleCheck Network Needs
Note: Only incoming mail will be routed to the DC Box for spam/virus protection. The FC core server will send mail out to the internet from the FC box and not the DC Box. For the FC history feature to function this is the best practice. There are other reason you may want to send mail out through the DC box and we can set up that up needed. (mail filtering out, student tracking and policy enforcing)
IP & Domain required for:
* FirstClass box
(you should already have an IP for FC).
I would also set up the below domains for this IP:
mail.XXXXX.k12.wi.us
or
fc.XXXXX.com (or .org ect ...)
mail.XXXXX.com (or .org ect ...)
* DoubleCheck box
(this will be where all internet mail routes to - your ISP will have to change over the routing/MX records for mail flow to this box. Have them ready to do so the day we install the DC box. If they are ready to it is quick to 'flip the switch')
I would also set up the below domains for this IP:
dc.XXXXX.com
dc.XXXXX.k12.wi.us
smtp.XXXXX.k12.wi.us
Required Ports for the FC Box:
- Inbound and outbound port 510 - FirstClass Client
- Inbound and outbound port 80 - for Web connectivity (including WebDAV)
- Inbound and outbound port 25 - for SMTP email connectivity
- Inbound and outbound port 143 - for IMAP connectivity
- Inbound port 587 - for eSMTP email submision
Inbound port 407 - For the Timbuktu (may no longer be needed due to ARD)- Inbound port 5900 - For Apple Remote Desktop (ARD)
- Inbound port 3283 - For Apple Remote Desktop (ARD)
(below are other that may or may not been needed)
- Inbound and outbound port 810 - for FC Notifier connectivity
- Inbound and outbound port 2195 - for iPhone Push Notifier connectivity
- Inbound and outbound port 110 - for POP connectivity
- Inbound and outbound port 21 - for FTP connectivity
Most systems do not use POP mail or IMAP mail clients - only the FC Client (blocking these ports also limits attacks on the server).
NOTE - IMAP is required for mobile devices to recieve mail.
Required Ports for the DC Box:
- Inbound and outbound port 25/TCP - mail traffic in/out
- Inbound port 80/TCP - remote access
- Outbound port 53/UDP - DNS resolution & RBL lookups (unless utilizing internal name servers for resolution)
Required for Updates on DC Box: (all updates are now done via http)
- Outbound port 80/TCP - spam updates
Ports for Additional Services on DC Box (Optional but should be on):
- Outbound port 24441/UDP- pyzor (spam detection)
- Outbound port 6277/UDP- razor (spam detection)
- Outbound port 7/TCP -razor (spam detection)
Inbound Ports for Tech Services on DC Box
- Inbound port 22/TCP -SSH remote control
DC master servers and computers will only contact your server from these IPs
- 207.210.100.162
- 64.218.27.254
- 24.249.115.254
- 98.172.116.235
All Ports Used by FirstClass
|
Port Number |
TCP/UDP |
Used By | Defined As |
21 |
TCP |
FTP | File Transfers |
22 |
TCP |
SSH (OS X only) | Secure Shell Connection |
23 |
TCP |
CLUI | Command Line User Interface |
25 |
TCP |
SMTP | Inbound and Outbound E-Mail |
79 |
TCP |
Finger |
80 |
TCP |
HTTP | Hypertext Transfer Protocol |
110 |
TCP |
POP3 | Post Office Protocol Version 3 |
119 |
TCP |
NNTP | Net News Transfer Protocol |
143 |
TCP |
IMAP4 | Internet Message Access Protocol - version 4rev1 |
389 |
TCP |
LDAP | Lightweight Directory Access Protocol |
443 |
TCP |
HTTPS | Secure Hypertext Transfer Protocol |
510 |
TCP |
FCP | FirstClass Protocol (Used by FirstClass Client) |
810 |
UDP |
FirstClass Notifier |
993 |
TCP |
IMAP4 SSL | Secure Internet Message Access Protocol - version 4rev1 |
943 |
TCP |
LDAP SSL | Secure Lightweight Directory Access Protocol |
995 |
TCP |
POP3 SSL | Secure Post Office Protocol Version 3 |
3000 |
TCP |
Legacy FirstClass Clients |
3001 |
TCP |
Legacy FirstClass Clients |
3002 |
TCP |
Legacy FirstClass Clients |
3003 |
TCP |
Legacy FirstClass Clients |
3004 |
TCP |
Legacy FirstClass Clients |
333 |
TCP |
FPP | Flexible Provisioning Protocol (can be any port) |
Last updated Mon, Feb 11, 2013 1:37 AM
FirstClass is a registered trademark of Open Text inc. All other trademarks are the property of their respective owners.
Currently this website is being updated and will be pushed over to the new FirstClass 12 Web Services. For the next couple months our new websites will be under development as we run real world tests of the new FirstClass API. We do apologize for anything that does not line up.