Linux Iptables allow or open IMAP server port

last updated in Categories Debian Linux, Howto, Iptables, Linux, RedHat/Fedora Linux, Security, Suse Linux, Ubuntu Linux

The Internet Message Access Protocol (commonly known as IMAP or IMAP4) is an application layer Internet protocol that allows a local client to access e-mail on a remote server. An IMAP protocol is used for e-mail retrieval. Virtually almost all modern e-mail clients and servers support IMAP.


E-mail messages are generally sent to an e-mail server that stores received messages in the recipient’s e-mail mailbox. The user later retrieves these messages with either a web browser or an e-mail client that uses one of a number of e-mail retrieval protocols. While some clients and servers preferentially use vendor specific, typically proprietary protocols, most support the Internet standard protocols SMTP for sending e-mail and POP3 and IMAP4 for retrieving e-mail, allowing interoperability with other servers and clients.

Iptables allow or open IMAP server port

Following ports used by default
=> IMAP Port 143
=> SMTP Port 25

You can use iptables to open port 143. Just append following rules to your iptables script. It uses the TCP port 143. Following two iptable rules allows incoming IMAP request on port 143 for server IP address (open port 143):
iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s --sport 143 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

In order to block port 143 simply use target REJECT instead of ACCEPT in above rules. If you are typing above rules at shell prompt save them:
# /etc/init.d/iptables save
# iptables-save > /path/to/


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

2 comment

  1. I added the above rules to the iptables with replacing the ipaddress of my mail server, but still in email client it is showing like. “Could not connect to imapservername: Connection refused” The mail configuration like port number in that evolution mails are correct. help me!!!!!!

  2. Hi!, Is there a way to only allow imap access to two specific ip addresses?, please help out on this one. Thanks!

    Have a question? Post it on our forum!