iptables

# /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

### iptables config for zimbra ###

# enable smtp
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT

#enable https
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# enable smtp over ssl port 587
-A INPUT -m state --state NEW -m tcp -p tcp --dport 587 -j ACCEPT
# enable imap over ssl/tls
-A INPUT -m state --state NEW -m tcp -p tcp --dport 993 -j ACCEPT
# enable pop over ssl/tls
-A INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT

#enable admin interface from LAN
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7071 -j ACCEPT -s 192.168.0.0/24

-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT