The Zimbra install suggests that you do not want to use a firewall. Actually, this is not the wisest decision, you should have a firewall.
Ubuntu 8.04 (Zimbra does not support 8.10 yet)
One thing that is important to recognize in regard to the UFW firewall is that there are already several common rules that are configured into the firewall immediately. One of those is the state rules that provide for any RELATED or ESTABLISHED connections. This means that if you connect to a web server from a machine it will allow the information you requested from the web server to return based on the fact that the local machine established the connection and the returning information was related to that request.
Protocols and Ports you will need open:
SSH is actually so you can access using encrypted communication remotely. You can eliminate this if you are not going to use that from the command line.
Zimbra Administration (7071)
Optional Ports if using Secure Connections
If you do not set up the secure ports, don’t use these. If you want secure connections and not the 110,143 connections above eliminate the insecure connections.
ufw allow http
# ufw allow proto tcp from 192.168.5.0/24 to any port 22
# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall started and enabled on system startup
ufw allow proto tcp to any port 22
ufw allow proto tcp to any port 80
ufw allow proto tcp to any port 25
ufw allow proto tcp to any port 110
ufw allow proto tcp to any port 143
ufw allow proto tcp to any port 7071
# ufw status
To Action From
– —— —-
80/tcp ALLOW Anywhere
25/tcp ALLOW Anywhere
110/tcp ALLOW Anywhere
143/tcp ALLOW Anywhere
7071/tcp ALLOW Anywhere
22/tcp ALLOW Anywhere