The Windows' built-in utility conducts inbound and outbound data flow accordingly between mail server and incoming/outgoing email messages
A. Other than Internet router, your mail server itself has a built-in firewall called Windows Firewall. It is functioning similarly as Internet routers. From Control Panel within your mail server, browse to Windows Firewall and configure all necessary ports.
B. Several mail-related ports must be opened between your mail server host and the outside world. In Windows Firewall, you need to open the following ports:
1. SMTP / SMTP STARTTLS -TCP 25 / used for sending mails and SMTP & SMTP STARTTLS share the same port.
2. SMTP Submission - TCP 587 / used as an alternative sending port.
3. SMTP SSL - TCP 465 / used for SMTP SSL encrypted mail sending.
4. POP3 - TCP 110 / used for receiving mails in POP3 mode.
5. POP3 SSL - TCP 995 / used for POP3 SSL encrypted mail receiving.
6. IMAP v4rev1 - TCP 143 / used for receiving mails in IMAP4 mode.
7. IMAP v4rev1 SSL - TCP 993 / usd for IMAP4 SSL encrypted mail receiving.
8. HTTP (WebMail) - TCP 80 / used for logging in mail server through web browser. (optional)
9. HTTP SSL (WebMail) - TCP 443 / used for logging in mail server through web browser with SSL. (optional)
a. CalDAV & CardDAV - TCP 8008 / used for CalDAV & CardDAV protocol in non-SSL mode.
b. CalDAV - TCP 8443 / used for CalDAV protocol in SSL mode.
c. CardDAV - TCP 8843 / used for CardDAV protocol in SSL mode.
d. RDP - TCP 3389 / used for Remote Desktop Protocol to remotely control over your mail server. (optional)
C. From Windows XP to Windows 8, the steps to open each port are essentially the same. Find Windows Firewall within Control Panel and define each rule with TCP and port number. Do this one by one and do not skip.
D. However, if you have EVO installed, then you may use an included feature of mail-related port auto-checkup and port configuring tool. It is located at the Server setting status of Status Page and gives you an overview on whether ports are being properly opened within Windows Firewall.