Port 10024: Unassigned but Essential — The Email Scanner Nobody Asked Permission For

The Port Range Explained

Port 10024 lives in the registered port range: 1024 through 49,151. This is IANA's space for applications that need a well-known port. Anyone can request assignment here. Thousands have. But port 10024 is not one of them.

Unassigned doesn't mean unused. It means the Internet Assigned Numbers Authority hasn't officially recorded anyone as the owner. The port remains available in the registry, technically claimable by the first legitimate application to request it. Until then, it's free space—and something moved in.

The Actual Use: Amavisd-New

Port 10024 is the de facto standard for amavisd-new, a content filtering system that sits between your mail server and the rest of the Internet.¹ Here's how it works:

1. Postfix (the mail transfer agent) receives an email on port 25
2. Amavis on port 10024 accepts the message and passes it to scanners
3. ClamAV scans for viruses; SpamAssassin evaluates for spam
4. Amavis returns clean mail to Postfix on port 10025 for delivery

Without port 10024, that email sits in an unfiltered queue. With it, millions of malicious messages die in transit every day—before they reach your inbox.²

Some systems also use port 10026 as a companion, typically for authenticated or outgoing mail, allowing different filtering policies for internal vs. external traffic.³

Why It Never Got Official Assignment

This is where the real story lives. Amavisd-new chose port 10024 pragmatically—a reasonable number in a sparse range. The software worked. Mail servers adopted it. By the time anyone thought about official IANA assignment, it didn't matter anymore. The port had become de facto standard through ubiquity, not bureaucracy.

This happens more often than you'd think. The formal process is slow. The technical community moves fast. Sometimes the community wins.

How to Check What's Listening

On Linux/macOS:

sudo lsof -i :10024
sudo netstat -tuln | grep 10024
sudo ss -tuln | grep 10024

On Windows:

netstat -ano | findstr :10024

If amavisd-new is running and properly configured, you'll see it bound to 127.0.0.1:10024 (localhost only, for security). It doesn't listen on the public Internet. It's internal infrastructure—a gatekeeper that works behind the curtain.

The Larger Pattern

Port 10024 matters because it shows the Internet's real structure. Official assignments matter less than working infrastructure. The port registry exists to prevent collisions, not to govern. When applications need a port, they find one. Sometimes they ask IANA first. Sometimes they just take a number that makes sense and the whole Internet follows.

Port 10024 is unassigned, unclaimed, never formalized—and absolutely essential. The Internet works around its own rules when the alternative is broken mail.