ListManager requires the following ports be open on your firewall:
25 - TCP for SMTP (receiving mail; inbound)
53 - UDP for DNS lookups (outbound)
80 - Web interface
119 - TCP for NNTP (reading newsgroups; inbound)
1024-65535 - inbound
Some strict firewalls have problems with ListManager's DNS lookups.ListManager initiates the transaction from a random source port (range 1024..65536) to port 53 on remote name servers, and the UDP DNS packet returns to that random port. Most firewalls can keep state appropriately - they recognize that the request was initiated internally, and allow the inbound connection on the higher port. However, your firewall may need some additional rules to permit DNS information to be returned correctly to ListManager.
You may need to specify which IP addresses ListManager should use for SMTP, NNTP and DNS. The IP addresses ListManager uses for SMTP and NNTP may be configured for each site in Utilities: Administration: Sites. The IP address that ListManager should use for DNS lookups may be configured for the ListManager machine in Utilities: Administration: Server: Server Settings: Machine/Node Settings.
If you are running your web server on a different machine outside your firewall, or are running scripts against ListManager from a machine outside your firewall, you will also need to have the following ports open:
2021 - TCP for Tclport
How ListManager Initiates Connections
Database Connections
ListManager initiates a TCP connection to your database server (typically port 1433 for MSSQL, 1521 for Oracle).
SMTP Connections
ListManager initiates TCP connections to port 25 of external and internal mail servers. Incoming TCP connections come to port 25 of ListManager for incoming SMTP traffic (bounces, unsubscribes, etc).
DNS Connections
UDP DNS traffic initiates from ListManager to port 53 of worldwide name servers, and returning UDP DNS response traffic from port 53 of remote name servers.
HTTP Connections
Outgoing HTTP TCP on port 80 on the ListManager host machine is useful for configuration (downloading libraries) and web fetch.
Incoming HTTP TCP traffic to port 80 of the ListManager web server allows ListManager to track opens and clickthroughs, and allows access to the ListManager web interface.
The ListManager web server will initiate TCP traffic over port 2021 to the ListManager server for information to render web pages. The web server does not talk to the database directly; it uses ListManager as a proxy to get information from the database.