Port numbers

Assuming a default configuration, the following inbound ports are required (depending on which services you want to make publicly available). All ports are TCP, unless otherwise mentioned.

25, Inbound and Outbound – ESMTP
53, Outbound – DNS (note that return packets are required)
110, Inbound and Outbound – POP3 and MultiPOP
143, Inbound – IMAP4
366, Inbound and Outbound – ODMR (ATRN, alternate ESMTP port)
465, Inbound – SSL SMTP
587, Inbound – ESMTP MSA (Mail Submission Agent — Have your mail cilents deliver here rather then 25 to avoid ISP firewalls
993, Inbound – SSL IMAP4
995, Inbound and Outbound – SSL POP3
4069 UDP, Inbound and Outbound – Minger

Even if you intend on enforcing encrypted connections, the unencrypted ports should be left active as the STARTTLS command starts a connection unencrypted and later adds encryption.

WorldClient, SyncML, ActiveSync, WebDAV, and possibly more
3000, Inbound – HTTP
80, Inbound – HTTP
443, Inbound – HTTPS

If nothing else on your server listens on port 80 and 443, it is highly recommended to assign these ports to WorldClient. It is required for ActiveSync’s AutoDiscovery, and for some older ActiveSync clients to connect.

1000, Inbound – WebAdmin’s webserver

3101, Outbound – BES services

80, Outbound – SA-Update

SecurityPlus/Outbreak Protection
21, Outbound – FTP for virus definitions updates
80, Outbound – HTTP for virus definitions updates and Outbreak Protection

If you are using a software firewall, you should ensure that the following processes have unrestricted inbound and outbound access: MDaemon.exe, WorldClient.exe, WebAdmin.exe, MDSpamD.exe, AVUpdate.exe

Finally, note that various parts of MDaemon interact using sockets to localhost IP addresses, so if you use a software firewall, you should not block any traffic to/from This includes SpamAssassin, WorldClient, BES and other features.

Using MultiPOP to pull all mail, including spam, from Gmail to MDaemon

With Gmail recently dropping support for ActiveSync, I’m seeing more and more people wanting to centralize all of their mail in local MDaemon installation.

This sometimes includes a situation where you want to pull mail from your old external mailboxes into MDaemon. When pulling mail from Gmail, for example, you’ll find that MDaemon’s MultiPOP feature grabs the Inbox, but what about mail that ends up in Gmail’s spam folder?

As it turns out, it’s possible to disable Gmail’s spam filtering using a custom Gmail filter, and then rely on MDaemon’s excellent spam filtering instead.

  1. Login to the Gmail account
  2. Click on Settings
  3. Click onĀ Forwarding and POP/IMAP
  4. Select one of the two Enable POP options
  5. Click Save Changes
  6. Click on Filters
  7. Create a new filter
  8. In the “Has the words” filter field, type “deliveredto:[email protected]” where [email protected] is the name of your Gmail box.
  9. Click the grey Create filter with this search >> link
  10. Enable Never send it to Spam
  11. Click Create filter

This will not apply to any messages already marked as spam (even if you use the “Also apply filter to…”, it will not move messages out of the Spam or Trash folder), so you will need to manually move any messages now in the Spam folder into the Inbox for MDaemon to see them.


MultiPOP and Gmail

MDaemon has a feature called MultiPOP which, when enabled, will cause MDaemon to download all messages from one or more POP3 accounts and deliver them directly to a MDaemon user’s mailbox.

The dialog has simple hostname, username, password fields, plus options to leave mail on server or not. What isn’t obvious is how to support hosts like Gmail, which require SSL. As it turns out, MDaemon actually does support Gmail, and other SSL enabled POP3 hosts.

There are a number of ways to access the MultiPOP configuration for an account, through MDaemon’s account editor, through WorldClient or WebAdmin (both web options only being available if the user is allowed to use MultiPOP).

To set up MultiPOP to pull mail from a POP3 account which requires SSL, open the MultiPOP dialog, enter the hostname or POP3 server name followed by :995

:995 tells MDaemon to use port 995, and MDaemon automatically switches to SSL mode since SSL is required for port 995.

For Gmail, enter the hostname “pop.gmail.com:995”, the username which must include the @domain portion. For example, for [email protected], you need to enter the full [email protected] address, not just “dave.warren”

For Gmail you should set MDaemon to delete mail from the server as Gmail doesn’t account honour this, instead Gmail allows you to control what happens to mail after it’s downloaded (Leave it in the Inbox, Archive it, Delete it)

Note that the instructions are the same for googlemail.com, and for other mailboxes hosted by Google, just use the appropriate email address in the username field.

One other thing to be aware of with Gmail in particular, Gmail doesn’t automatically enable POP3 access, you need to enable it by logging in to Gmail, going to Settings, then to the POP section and setting the appropriate option. If you choose to download all mail, Gmail only offers a few hundred messages at once, so if you are intending to download a massive Gmail mailbox into MDaemon, MDaemon will take some time as messages are downloaded in blocks of about 500 messages at a time.

UPDATE (2008/10/02): One other thing I forgot to mention, MDaemon must have SSL enabled. To enable SSL in MDaemon 10, go to the Security menu, choose Security, then go to “SSL & TLS” and enable the “Enable SSL…” option.

UPDATE (2011/11/10): This functionality was added to MDaemon in 9.6.3, described in the release notes as “[4037] DomainPOP and MultiPOP use TLS/SSL when connecting to port 995”, earlier versions of MDaemon can use stunnel as a workaround or upgrade to a current version.