
Ports allowed for Outlook Express

Hey Guys,
Simple question hopefully.
I am doing some testing on some firewalls and have a question regarding Outlook Express.
I am running Ethereal to see exactly what is going over the line and to what ports. OE talks out on 110 retrieving mail but then the outside server responds on a 25xx port usually. I know this is common because the computer issues another port to continue the conversation on. How does this affect how you are setting up your firewall? Shouldn't the conversation bomb out because of the 25xx ports being used?
Thanks a million.
1 Solution
Any TCP/IP connection is initiated by an initiating port and a response port. The response port is usually a port from the not reserved pool. If you see in your firewall logs a communication with local port on 25xx and remote port on 110, that means that your server or client has established a connection with the remote server. As the 110 port is reserved and may be used by your own system, the remote server cannot respond on the same port, usually it takes a port offered by your own server/client (25xx). Within your log file, you can see that the ports will arise, i.e. 2510 for the first request, 2511 for the second and so on, as long as ports are available.

As your firewall knows the established ports for this single connection, the firewall is able to handle this. That means that there is no need for any additional setting, as these ports can only be used for this dedicated connection. As long as the port is used, no other application can make a request to the local port (25xx) as it is dedicated to this connection and used as long as the connection is open. If the connection closes, the port is also closed and your firewall does not allow anybody else to use it.

The configuration is made in that way, that you allow port 110 for outgoing requests and any port for the corresponding answers. This is usually made within the same protocol definition. This means, that only the remote server, which gets a request on port 110 can answer to the request (on any port), but can not make a request for its own.

If you are unsure if your firewall is safe, you can test it by using Shields UP.

Premiernc (Author) Commented:
Thanks for the info. I also imagine that your firewall has to be stateful in order to dedicate the port to the current application, is this correct? Thanks again.

If an application establishes a connection to a remote system, the firewall has usually nothing to do (in the first step) with any used port ranges. This is an agreement between the initiating application and the remote server. If your application initiates a connection on port 110, it usually offers a port range for response, from which one free port is chosen, or it accepts any port. As long as the connection is established, no other application can use these (two) ports as TCP/IP does not allow that. This is the reason why you have to set up your firewall i.e. for port 110 local outgoing and any port remote for response. As every connection gets a session-ID, the firewall knows which session is allowed to answer, which is only the session originally initiated on port 110. The other ports out of the port range are obsolete, therefore free for other communication, but not open from outside.

Hope this answers your second question?
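
The session tracking discussed in this thread, as an added example that is not part of the original posts and not any particular firewall's implementation: a minimal state table admits inbound packets only when they match a session opened from inside on port 110, shown next to a port-only rule that cannot make that distinction. The addresses, the `Packet` and `StatefulFilter` names, and the immediate teardown on FIN/RST are constructed simplifications.

```python
from dataclasses import dataclass
CLIENT, SERVER = "192.0.2.10", "203.0.113.5"   # constructed documentation addresses

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""          # "SYN", "ACK", "FIN", "RST" or ""
    outbound: bool = False

class StatefulFilter:
    """Allow outbound TCP to permitted ports; admit inbound only for tracked sessions."""
    def __init__(self, allowed_out_ports):
        self.allowed_out_ports = set(allowed_out_ports)
        self.sessions = set()    # (local_ip, local_port, remote_ip, remote_port)

    def check(self, p):
        if p.outbound:
            key = (p.src, p.sport, p.dst, p.dport)
            if key not in self.sessions:
                if p.flags != "SYN" or p.dport not in self.allowed_out_ports:
                    return "DROP"          # only a SYN to a permitted port creates state
                self.sessions.add(key)
        else:
            key = (p.dst, p.dport, p.src, p.sport)
            if key not in self.sessions:
                return "DROP"              # no matching session: unsolicited
        if p.flags in ("FIN", "RST"):
            self.sessions.discard(key)     # simplified teardown: state removed at once
        return "ACCEPT"

def stateless_check(p, allowed_out_ports=(110,)):
    """Port-only rule with no session table: 'replies' are judged by source port alone."""
    if p.outbound:
        return "ACCEPT" if p.dport in allowed_out_ports else "DROP"
    return "ACCEPT" if p.sport in allowed_out_ports else "DROP"

def demo():
    fw = StatefulFilter([110])
    trace = [
        Packet(CLIENT, 2510, SERVER, 110, "SYN", outbound=True),   # client opens POP3 session
        Packet(SERVER, 110, CLIENT, 2510, "ACK"),                  # reply to tracked session
        Packet(SERVER, 110, CLIENT, 2511, "ACK"),                  # same server, untracked port
        Packet("198.51.100.7", 110, CLIENT, 2510, "ACK"),          # other host, matching ports
        Packet(CLIENT, 2510, SERVER, 110, "FIN", outbound=True),   # client closes
        Packet(SERVER, 110, CLIENT, 2510, "ACK"),                  # late packet after close
    ]
    return [fw.check(p) for p in trace]
```

Real connection trackers keep an entry through the full TCP close handshake and a timeout rather than dropping it on the first FIN.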