Understanding the Ports That Are Used by Exchange 2007 in a Mixed Environment
Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Applies to: Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3
This topic describes the ports that you must open to enable communication in a mixed environment that contains Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007 computers. The following tables describe the specific ports that must be open between computers that are running different server and client roles.
Ports to Communicate Together With a Hub Transport Server
| To communicate from this computer: | To an Exchange 2007 Hub Transport server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
SMTP (25/587 TCP) SSL |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP) |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP) |
SMTP Relay servers (in a perimeter network) |
SMTP (25,995 SMTP TLS) |
Exchange 2007 Unified Messaging server |
SMTP (25,995 SMTP TLS) |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
SMTP (25,995 SMTP TLS) |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
No direct connection |
Exchange 2003 back-end server |
No direct connection |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With a Client Access Server
| To communicate from this computer: | To an Exchange 2007 Client Access server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
80/443 TCP SSL |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
VoIP (TCP 5060,5061 SSL,5065,5066) |
Outlook 2003 client |
RPC over HTTP (80/443 TCP) |
Outlook 2007 client |
RPC over HTTP (80/443 TCP) |
Other clients (POP3/SMTP/IMAP4) |
POP3 (110/995 TCP), IMAP (143/993 TCP) |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
HTTP |
Exchange 2003 back-end server |
No direct connection |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With a Mailbox Server
| To communicate from this computer: | To an Exchange 2007 Mailbox server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2007 Client Access server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
RPC MAPI (135 TCP), many dynamic* |
Outlook 2003 client |
RPC MAPI (135 TCP), many dynamic* |
Outlook 2007 client |
RPC MAPI (135 TCP), many dynamic* |
Other clients (POP3/SMTP/IMAP4) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 Bridgehead server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With Public Folders on a Mailbox Server
| To communicate from this computer: | To the Public Folders (hosted by an Exchange 2007 Mailbox server), use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2007 Client Access server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
RPC MAPI (135 TCP), many dynamic* |
Outlook 2007 client |
RPC MAPI (135 TCP), many dynamic* |
Other clients (POP3/SMTP/IMAP4) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With SMTP Relay Servers
| To communicate from this computer: | To the SMTP Relay servers (in a perimeter network), use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
SMTP (25) |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
No direct connection |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
No direct connection |
SMTP Relay servers (in a perimeter network) |
SMTP (25) |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
No direct connection |
Exchange 2003 back-end server |
No direct connection |
Domain controller |
No direct connection |
Ports to Communicate Together With a Unified Messaging Server
| To communicate from this computer: | To an Exchange 2007 Unified Messaging server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
SMTP (25,995 SMTP TLS) |
Exchange 2007 Client Access server |
5060/5061/5062 TCP, dynamic |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by Exchange 2003 back-end server) |
No direct connection |
Exchange 2003 back-end server |
No direct connection |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With an Outlook 2003 Client
| To communicate from this computer: | To an Outlook 2003 client, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP), many dynamic* |
Ports to Communicate Together With an Outlook 2007 Client
| To communicate from this computer: | To an Outlook 2007 client, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
No direct connection |
Exchange 2003 back-end server |
No direct connection |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP), many dynamic* |
Ports to Communicate Together With Other Clients
| To communicate from this computer: | To other clients (POP3/SMTP/IMAP4), use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 Back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With an Exchange 2003 Bridgehead Server
| To communicate from this computer: | To an Exchange 2003 Bridgehead server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
SMTP (25,995 SMTP TLS) |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
No direct connection |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
No direct connection |
SMTP Relay servers (in a perimeter network) |
SMTP (25,995 SMTP TLS) |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
SMTP (25,995 SMTP TLS) |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With an Exchange 2003 Front-End Server
| To communicate from this computer: | To an Exchange 2003 front-end server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
No direct connection |
Exchange 2007 Mailbox server |
No direct connection |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
No direct connection |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
No direct connection |
Exchange 2003 front-end server |
No direct connection |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With Public Folders on an Exchange 2003 Server
| To communicate from this computer: | To the Public Folders (hosted by Exchange 2003 back-end server), use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2007 Mailbox server |
HTTP |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 front-end server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With an Exchange 2003 Back-End Server
| To communicate from this computer: | To an Exchange 2003 back-end server, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
No direct connection |
Exchange 2007 Client Access server |
80/443 TCP |
Exchange 2007 Mailbox server |
No direct connection |
Public Folders (hosted by Exchange 2007 Mailbox server) |
RPC MAPI (135 TCP), many dynamic* |
SMTP Relay servers (in perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
No direct connection |
Outlook 2003 client |
No direct connection |
Outlook 2007 client |
No direct connection |
Other clients (POP3/SMTP/IMAP4) |
No direct connection |
Exchange 2003 Bridgehead server |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 front-end server |
RPC MAPI (135 TCP), many dynamic* |
Public Folders (hosted by an Exchange 2003 back-end server) |
RPC MAPI (135 TCP), many dynamic* |
Exchange 2003 back-end server |
RPC MAPI (135 TCP), many dynamic* |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Ports to Communicate Together With a Domain Controller
| To communicate from this computer: | To a domain controller, use these ports: |
|---|---|
Exchange 2007 Hub Transport server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Exchange 2007 Client Access server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Exchange 2007 Mailbox server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Public Folders (hosted by an Exchange 2007 Mailbox server) |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
SMTP Relay servers (in a perimeter network) |
No direct connection |
Exchange 2007 Unified Messaging server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Outlook 2003 client |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP), many dynamic* |
Outlook 2007 client |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP), many dynamic* |
Other clients (POP3/SMTP/IMAP4) |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Exchange 2003 Bridgehead server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Exchange 2003 front-end server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Public Folders (hosted by an Exchange 2003 back-end server) |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Exchange 2003 back-end server |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
Domain controller |
LDAP (389/3268 TCP/UDP), Kerberos (88 TCP/UDP), DNS (53 TCP/UDP), RPC netlogon (135 TCP) |
* By default, "many dynamic ports" is the port range 1024-65535.