Mailsend+ Connection Support
Issue
- The device is not connecting to the data server via a wired network connection.
- The device displays the message “Unable to resolve host” or “Unable to resolve api.pitneybowes.com/us”.
- The device displays the message “Failed to Update Please Contact Mailcoms”
Note: If you are experiencing issues with a wireless (Wi-Fi) network connection, see the topic Wireless (Wi-Fi) Connection Issues below.
Cause
Network connection issues may be caused by problems with the settings, the physical connection, or a firewall.
Resolution – Solution 1: Restart the device
1. Unplug the power cord and the network cable. The screen should turn off after 10 seconds.
2. Wait two minutes.
3. Plug the power cord back in, ensuring that it is plugged directly into a wall outlet.
4. Quickly tap and release the power button to turn the device back on.
5. Once the device turns back on, plug the network cable back in.
6. Wait one minute, then try the network connection again.
Resolution – Solution 2: Check the physical connection
1. Make sure that the device is not connected to a phone line or to a computer with PC Meter Connect, as this device does not support those connection types.
2. Make sure that the network cable is securely plugged into the device. You should hear a soft click when it is fully inserted.
3. Check the LED lights located on the back of the device where the network cable plugs in. These lights should become lit within one minute of turning on the device and indicate the status of the connection.
- If the cable is plugged in but the lights are off:
- Verify that the other end of the network cable is plugged into an active router or wall jack.
- Try a different cable. After a new cable is installed, if there are still no lights, contact technical support. Please have your model and serial number ready.
- If both the top (green) and the bottom (orange/amber) network card LEDs flicker constantly (even when the device is asleep), the connection is active. If you see these lights but the device is still not connecting, proceed to solution 3.
- If you see any other light pattern, proceed to solution 3.
Resolution – Solution 3: Check the network settings
For information about the connection settings required on your network, contact your IT department.
If you wish the device to get an IP address automatically and do not need a static IP address:
1. Tap the Settings icon on the toolbar.
2. Tap Wired (Ethernet).
3. Select the Connection Type DHCP.
4. Tap Connect.
If you need to set the device to a static IP address:
1. Tap the Settings icon on the toolbar.
2. Tap Wired (Ethernet).
3. Select the Connection Type Static IP.
4. Enter the IP address, Netmask, Gateway, and DNS Address. Contact your IT department for this information.
If you need to set a proxy server:
1. Tap the Settings icon on the toolbar.
2. Tap Wired (Ethernet).
3. Tap Proxy setting.
4. Enter the proxy server information. Contact your IT department for this information.
Resolution – Solution 4: Check for firewall issues
Your network firewall may be blocking ports or addresses that are required for proper functioning of the device. Contact your IT department for assistance if needed.
Resolution – Solution 5: Try Wi-Fi
If available, try a wireless (Wi-Fi) connection instead. Refer to Setting up a wireless (Wi-Fi) network connection on the Parcelsend Essential below.
Issue
- The franking machine is not connecting to the Pitney Bowes Data Centre via a wireless (Wi-Fi) connection.
- The franking machine may display any of the following messages:
- “Error Unable To Resolve Host”
- “Unable To Resolve api.pitneybowes.com”
- “Failed to Update Please Contact Mailcoms”
Note: If you are experiencing issues with a wired network connection, see the topic Wired Network Connection Issues above.
Cause
Connection issues may be caused by problems with the settings, wireless connection, or a firewall.
Resolution – Solution 1: Restart the franking machine
1. Unplug the power cable. The screen should turn off after 10 seconds.
2. Wait 2 minutes.
3. Plug the power cable back in, ensuring that it is plugged directly into a wall outlet.
4. Quickly tap and release the power button to turn the franking machine back on.
Resolution – Solution 2: Wireless signal strength
Check the signal strength with the Wi-Fi gauge. If you are getting fewer than two bars, performance may be reduced or intermittent. Wireless signals may be degraded by physical barriers such as walls and doors, or interference from other devices such as microwaves, cordless phones and other Wi-Fi networks.
Some tips to increase wireless signal strength:
- Relocate the franking machine or your wireless access point so that they are closer together.
- Turn off or move other devices that may be interfering with the signal.
- Select another internal Wi-Fi network if one is available.
Resolution – Solution 3: Network settings
For information about the connection settings required on your network, contact your IT department or service provider.
If you want the franking machine to get an IP address automatically and do not need a static IP address:
1. Turn Wi-Fi off.
a. Tap the Settings (gear) icon.
b. Tap Wi-Fi in the Device & Network section.
c. Move the slider for Wi-Fi all the way to the left so it says Off.
2. Restart the franking machine.
3. Turn Wi-Fi back on.
4. Forget the currently connected network:
a. Tap the Settings (gear) icon.
b. Tap Wi-Fi in the Device & Network section.
c. Select the current network.
d. Tap the Forget button.
5. Re-enter the Wi-Fi password for your network.
6.Tap Connect.
- Make sure that you are connecting to the correct Wi-Fi network.
- Make sure that you have the correct Wi-Fi password and identity if required.
- If you need to set an EAP Method, proxy server, or change between DHCP and static IP addresses, tap Advanced Options. If Advanced Options does not appear, tap Forget instead, then tap your network name after the Wi-Fi name list appears.
Resolution – Solution 4: Firewall issues
Your network firewall may be blocking ports or addresses that are required for proper functioning of the device. Contact your IT department for assistance if needed.
Resolution – Solution 5: Try wired
If available, try a wired connection instead. Refer to Setting up a wired network connection on the Parcelsend Essential below.
A proxy server is a computer that acts as a gateway between your local network (and your franking machine) and a larger-scale network such as the Internet. Proxy servers provide increased performance and security.
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap the Wi-Fi or Wired (Ethernet) option in the in the Device & Network section.
3. For Wi-Fi:
a. Select the network from the list.
b. Tap on the Advanced Options checkbox to select it.
c. Scroll down and tap on the drop-down arrow next to Proxy and select Manual.
4. For Wired (Ethernet):
a. Select either DCHP or Static IP
b. If you select DCHP, tap on the drop-down arrow next to Proxy Setting and select Manual.
5. For Proxy Hostname enter the IP address, HTTP or HTTPS proxy address of your proxy server.
6. For Proxy Port, enter the port the franking machine should use to send network traffic to the Proxy Server.
7.(Optional) Use Bypass to enter any specific URLs or URL patterns (such as internal addresses) that you want to bypass the proxy.
8.If your Proxy Server requires authentication, select the Need Authentication check box and additional fields will be displayed.
a. Enter the Proxy Username. Note: This may be case sensitive for some proxy servers.
b. Enter the Proxy Password Note. Note: This is case sensitive for proxy servers.
A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network via another port. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network.
These URLs must be accessible from the device, without any obstructions. This includes being free of any SSL packet inspection, web filtering devices or software monitoring.
Required URLs
Distributor – main PB Server that authenticates machine for access to other PB web services
– https://distservp1.pb.com/csd/dstproduct (Port 80)
– https://distservp1.pb.com/csd/dstproduct (Port 443)
Funds (Funds Management & Refills) – funds are managed through a separate Funds Server
– https://decometlb20.pb.com (Port 443)
– https://ukcometlb12k.pb.com (Port 443)
– https://decometlb5.pb.com (Port 443)
Rates and Updates (Download Services) – Downloads new software, graphics, rate prices
– Main Download Services entry
– https://dlsdlp1.pb.com (Port 443)
File Processing
– https://pbdlsp1.pb.com/prdupdate.dll (Port 443)
– https://pbdlsp1.pb.com/prdconfirm.dll (Port 443)
OS Updates
– https://pb-ota.redbend.com (Port 443)
Manage Accounts (Accounting) – separate PB Server that manages accounting including account creation, reports etc. Accounting Web Application:
– https://ms1app.pb.com/ (Port 443)
Accounting Web Services:
– https://ms1app.pb.com/ms1atweb/services/ (Port 443)
Online Help – online support website
– https://eureka.pitneybowes.com/sendpro-c-series/gb/SV63242-gb-help/Default.htm (Port 80)
Health Data Update – machine health Information upload
– https://s3.amazonaws.com (Port 443)
Network Connectivity Test Site – used by tablet’s Android O/S to confirm connectivity
– https://connectivitycheck.gstatic.com/generate_204 (Port 80)
Note: Connectivity tests also use Google DNS explicitly (8.8.8.8 Port 53)
PB Web Services Support – used by several PB applications including Shipping
– https://api.pitneybowes.com (Port 443)
– https://pitneybowes.okta.com (Port 443)
– https://microsoft.com/SoftwareDistribution/Server/SimpleAuthWebService (Port 80)
– https://mail.o365.pb.com (Port 80)
Recommended URLs
We recommend these URLs are left open, but if this presents a security issue, they can remain blocked. They are enabled by default.
Remote Access
TeamViewer is an application that lets Pitney Bowes Service access your device remotely, when you authorize it. (A TeamViewer session can only be initiated by someone on your end, therefore the system cannot be accessed without your knowledge.) There are two ways to unblock TeamViewer:
– General unblocking of Port 5938 TCP for outgoing connections (recommended). Port 5938 is only used by a few applications and therefore there is no security risk. This traffic should be filtered or cached.
– Unblocking URLs of the following formats (to any server)
- GET:/din.aspx?s=…&client=DynGate…GET
- /dout.aspx?s=…&client=DynGate…POST
- /dout.aspx?s=…&client=DynGate…
Note: Regardless of which method you choose to unblock TeamViewer, verify there are no content filters or anything similar blocking one of these URLs:
– *.TeamViewer.com
– *.dyngate.com
Device Management
- https://smb.pitneybowes.com (Port 443)
- https://prov.mdm.pitneybowes.com (Port 443)
- https://api.mdm.pitneybowes.com (Port 443)
- https://cn977.awmdm.com (Port 443)
- https://ds977.awmdm.com (Port 443)
- https://play.google.com (Port 443)
- https://gate.hockeyapp.net (Port 443)
- https://e.crashlytics.com (Port 443)
- https://android.googleapis.com (Port 443)
- https://mobile-gtalk.l.google.com (Port 5228)
The franking machine connection uses these ports and protocols. The system will require access through your network and firewall.
Communications
- All communication is initiated from the system via ports 80 (HTTP) and 443 (TLS)
- All communications from the system to the back end system are in the form of XML messages.
Ports Port 80 (HTTP)
- Web Services
- TeamViewer (remote access software)
Port 443 (TLS)
- The franking machine sends requests to refill or audit its PSD (Postal Security Device) when the user requests it or an inspection is required. Audits occur if the PSD inspection date has expired.
- During initial install, the system will automatically request an Operational Block, from the infrastructure, for the PSD.
- On PSD replacement the system will automatically request the configuration data for the replacement PSD.
- Transaction records from the franking machine are automatically uploaded when a user message appears (within three days of the mail being generated).
- O/S updates and Pitney Bowes Application Software and Rates Data updates.
Port 53
- DNS lookup
IMPORTANT:
IT departments that use a “rules based” method for allowing specific ports to pass traffic on their network for port 53, allow for both UDP and TCP traffic to this port.
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap Wi-Fi in the Device & Network section to see a list of available networks.
3. Tap the Add Network button at the top of the Wi-Fi screen.
4. Tap the down arrow next in the Security field and select the security method.
5. Tap Advanced Options to enter a static IP or set up a proxy.
6. Tap Connect when done.
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap Wi-Fi in the Device & Network section to see a list of available networks.
3. Tap on the network you want to delete. Note that you can only delete a network to which you have previously connected. The network details display.
4. Tap the Forget button to delete the network connection.
There are two MAC addresses within the machine. It depends on your method of connection as to which MAC address is used.
Wireless:
1.Tap the Settings (gear) icon in the global toolbar.
2. Tap Wi-Fi.
3. The MAC address appears above the list of wireless networks.
Wired:
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap Wired (Ethernet).
3. Tap Check Network. The “Checking Network Connections” screen displays. When the test completes, tap on the View Details button in the “Connected to wired network” box. The MAC address will display.
4. Tap X to close this window.
5. Tap Close, then the back arrow to return to the Home screen.
If the MAC address does not display, try these steps:
1. Tap the Settings (gear) icon in the global toolbar.
2. Scroll down to the “Advanced Device Options” section and tap About This C-Series.
3. Scroll down to the “Base Network Info” section and locate the Mac Address field. This contains the MAC Address.
4. Tap Cancel in the upper left corner to return to the Home screen.
Tap the Check Network application icon in the application drawer at the bottom of the Home screen to make sure your franking machine has access to all the required internet services. These provide updates on rate information, sync your transaction data, and refill postage funds for the Envelope Printing application.
If your device is behind a firewall, you may need an IT professional or someone who has access to your network configuration to provide access to these services.
Watch this video to learn how to setup a wireless (Wi-Fi) connection on your franking machine.
For information about the connection settings required on your network, contact your IT department.
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap Wi-Fi in the Device & Network section.
3. Choose your Wi-Fi network from the list. If your Wi-Fi network is hidden, tap Add Network to add it.
4. Enter your Wi-Fi password and identity.
Tip: Use the show password option to make sure that the password is entered correctly.
If your network requires advanced network settings such as a proxy server, tap Advanced Options. To set up a proxy server:
1. Select Use Proxy.
2. Tap on the line and enter the information provided by your IT department.
If your network requires advanced network settings such as a static IP address, tap Advanced Options. To set up a Static IP address:
1. Select the IP Setting menu and choose Static.
2. Tap on the line and enter the value provided by your IT department.
3. Tap the > in the green circle.
If the franking machine will not connect to the Wi-Fi network, have the client test the Wi-Fi network and password by setting up a smart phone, laptop or other Wi-Fi enabled device.
If you are unable to connect to the internet, if you get authentication errors, or you are unsure of the correct settings for your network, check with your IT department.
Watch this video to learn how to setup a wired connection on your franking machine.
For information about the connection settings required on your network, contact your IT department.
First, determine the connection type:
1. Tap the Settings (gear) icon in the global toolbar.
2. Tap Wired.
3. Check to see what is selected for the connection type.
4. If the connection type is DHCP, follow the steps under For DHCP. If the connection type is Static, follow the steps under For Static.
For DHCP:
1. Select DHCP.
2. Tap Connect.
3. If it does not connect, unplug the power cable.
4. Wait 2 minutes. The screen should turn off after 10 seconds.
5. Plug the power cable back in, ensuring that it is plugged directly into a wall outlet.
6. Quickly tap and release the power button to turn the franking machine back on.
7. Tap the Settings (gear) icon in the global toolbar.
8. Tap Wired (Ethernet) and make sure DHCP is selected.
9. Tap Connect.
For Static:
1. Select Static.
2. Contact your internal IT department to get and record the values you will need to enter for your franking machine. These include: IP Address, Netmask, Gateway and DNS Address.
3. Enter the values you recorded in step 2 for the IP Address, Netmask, Gateway, and DNS Address in the corresponding fields.
4. Tap Connect.
5. If it fails to connect, remove the network cable from the back of the franking machine.
6. Tap the Connect button. Wait for the attempted connection to fail.
7. Plug the network cable back in.
8. Delete the values in the IP Address, Netmask, Gateway, and DNS Address fields.
9. Enter the IP Address, Netmask, Gateway, and DNS Address that you recorded in step 2.
10. Tap the Connect button.
11. If you are still having issues connecting to the network, contact your IT department and have them verify that the static IP address you are using is assigned only to the franking machine.
The franking machines occasionally show different error codes. Some error codes tend to be due to connection issues and can all be resolved easily. Below you will be able to find out what the error codes are and how to potentially resolve the issue. See if we can help you below.
Error Code 1811
Error Code 1814
Error Code 1815
Error Code 1816
Error Code 1825
Error Code 1822
Error Code 1826
Error Code 1829
Error Code 1870
Error Code 51
Error Code 23
Error Code 200D
Issue
The franking machine displays one of the following error codes or system messages, and will not connect to the Pitney Bowes Data Centre:
Error codes on franking machine: 1811, 1814, 1815, 1816, 1825, 1822, 1826, 1829, 1870, 51, 23, 200D, and DE00
Messages:
- Error Unable To Resolve Host,
- Unable To Resolve api.pitneybowes.com
- Failed to Update Please Contact Mailcoms
- PB Commerce Cloud Not Found
- Unable to complete refill – MessageID: PerformAuditRsp – Status: Not Connected to Internet
- Sync your data
- The data centre sent back a PVD error record when the UIC was expecting a PVD response.
- The data centre has found an exception and returned the GenRsp message. At this point the PBP task is in control of the dialogue.
Cause
The franking machine is not connecting to the server.
Resolution
1. Tap the Settings (gear) icon and tap Sync Transaction data.
2. You may be able to clear the error by simply restarting your franking machine. Here are the steps to follow for a safe restart:
a. Unplug the power cable.
b. Wait for the display to turn off.
c. Wait one minute.
d. Plug the power cable back in, ensuring that it is plugged directly into a wall outlet.
e. If you need further assistance, please use the Contact Us options below. Please have your model and serial number ready.
3. If the connection still does not work, follow the connection troubleshooting steps for your connection method:
– If you have a network cable that runs from the back of your franking machine to a wall jack, switch, or router, your franking machine connects via a wired connection.
– If there is no network cable, your franking machine connects via a wireless (Wi-Fi) connection.
Automatic updates
The franking machine updates postal rates and software automatically. Keep your franking machine turned on and connected to your network to get your automatic updates, as updates are downloaded during the evening hours.
Manual postal rate updates:
1. Tap Rates and Updates on the bottom of the Home screen.
2. If new rates are available your franking machine downloads and installs updates.
Manual software updates:
1. Tap Rates and Updates on the bottom of the Home screen. Swipe the screen up to access the second row of buttons.
2. If an update is available, the franking machine displays a progress bar showing the status of the download and installation.
Issue
The device displays the message “PB Commerce Cloud Not Found”.
Cause
Your franking machine records transactions and uploads them daily. The device is unable to synchronise this data and this may be caused by problems with the network connection settings, the physical connections, or a firewall.
Resolution
Restarting the device is the most common solution when you see this message. Only perform these steps if you know the password for your Wi-Fi network. If your connection type is Static IP, contact your IT department.
1. Tap the Settings icon in the toolbar.
2. Tap Wi-Fi.
3. Tap the network that your device is using.
4. Tap the Forget button.
5. Turn off the Wi-Fi by sliding the toggle to the left.
6. Unplug the power cord from the device.
7. Wait 10 seconds.
8. Plug the power cord back in.
9. Tap the power button.
10. Tap the Settings icon on the toolbar.
11. Tap Wi-Fi.
12. Turn on the Wi-Fi by sliding the toggle to the right.
13. Tap on the name of your Wi-Fi network.
14. Enter the Wi-Fi network password.
15. Tap Connect.
If it still does not connect:
1. Tap the Settings icon in the toolbar.
2. Tap Wi-Fi.
3. Tap the network that your device is using.
4. Tap the Forget button.
5. Turn off the Wi-Fi by sliding the toggle to the left.
6. Tap the Settings icon in the toolbar.
7. Tap (Wired) Ethernet with no network cable connected.
8. Tap Connect. The IP address should display all zeroes on the connecting to Network Screen.
9. Wait for the message “Unable to Connect to the Internet”.
10. Tap the Settings icon in the toolbar.
11. Tap Wi-Fi.
12. Turn on the Wi-Fi by sliding the toggle to the right.
13. Tap on the name of your Wi-Fi network.
14. Enter the Wi-Fi network password.
15. Tap Connect.
What to do if you are still unable to connect
Contact your IT department or the person who manages the IT settings in your business. Ask them to verify that the network settings comply with network settings in this article: Networking and connectivity details
If you are unable to connect to the internet, ask your IT department or internet provider to check the internet settings before you contact Mailcoms. If you still need assistance, please contact us on 01543 572 776.
Issue
The device displays the message “PB Commerce Cloud Not Found”.
Cause
Your franking machine records transactions and uploads them daily. The device is unable to synchronise this data and this may be caused by problems with the network connection settings, the physical connections, or a firewall.
Resolution
Restarting the device is the most common solution when you see this message. How you restart the device, however, depends on the protocol the device uses. There are 2 protocols:
– DHCP
– Static IP
Before you can troubleshoot the issue, you must first determine which protocol the device uses.
Determine the protocol
1. Tap the Settings icon in the toolbar.
2. Tap Wired.
3. Check to see which connection type is selected. The blue circle shown here means DHCP is selected.
– If your connection type is DHCP, follow the steps below under Troubleshoot a wired connection that uses DHCP.
– If your connection type is Static IP, follow the steps below under Troubleshoot a wired connection that uses Static IP.
Troubleshoot a wired connection that uses DHCP
1. Select DHCP.
2. Tap Connect.
3. If it does not connect, unplug the power cord and the network cable from the back of the device. The screen should turn off after 10 seconds.
4. Wait 2 minutes.
5. Plug the power cord and the network cable back in, ensuring that the power cord is plugged directly into a wall outlet and the network cable is plugged securely in the network port available on the back of the device.
6. Quickly tap and release the power button to turn the device back on.
7. Tap the Settings icon in the toolbar.
8. Tap Wired (Ethernet) and make sure that DHCP is selected.
9. Tap Connect.
Troubleshoot a wired connection that uses Static IP
1. Select Static IP.
2. Make a note of the IP Address, Netmask, Gateway and DNS Address.
3. Tap Connect.
4. Scroll down to IP Address, Netmask, Gateway and DNS Address.
5. Verify that all of the information entered in those fields is correct.
6. Tap Connect.
7. Remove the network cable from the back of the device.
8. Tap the Connect button. The device will try to connect. Wait until the connection fails.
9. Plug the network cable back into the back of the device.
10. Delete the values in the IP Address, Netmask, Gateway, and DNS Address boxes.
11. Enter the IP Address, Netmask, Gateway, and DNS Address that you noted in step 2.
12. Tap Connect.
13. Tap in the DNS Address box.
14. Press backspace to delete the DNS address.
15. Enter the DNS Address that you noted in step 2.
16. Tap Connect.
What to do if you are still unable to connect
Contact your IT department or the person who manages the IT settings in your business. Ask them to verify that the network settings comply with network settings in this article: Networking and connectivity details
If you are unable to connect to the internet, ask your IT department or internet provider to check the internet settings before you contact Mailcoms. If you still need assistance, please contact us on 01543 572 776.
If you have extensive network security restrictions, your IT or network administrator may need these specifications to prepare for the installation.
– URL information
– Ports and communication requirements
– Advanced network requirements
URL Information
These URLs must be accessible from the device, without any obstructions. This includes being free of any SSL packet inspection, web filtering devices or software monitoring.
Required URLs
- Distributor – main PB Server that authenticates machine for access to other PB web services
- https://distservp1.pb.com/csd/dstproduct (Port 80)
- https://distservp1.pb.com/csd/dstproduct (Port 443)
- Funds (Funds Management & Refills) – funds are managed through a separate Funds Server
- https://decometlb20.pb.com (Port 443)
- https://ukcometlb12k.pb.com (Port 443)
- https://decometlb5.pb.com (Port 443)
- https://swcometlb2.pb.com/ (Port 443)
- https://cometservp1.pb.com (Port 443)
- Rates and Updates (Download Services) – Downloads new software, graphics, rate prices
- Main Download Services entry
- https://dlsdlp1.pb.com (Port 443)
- File Processing
- https://pbdlsp1.pb.com (Port 443)
- https://pbdlsp1t.pb.com (Port 443)
- https://pbdlsp1k.pb.com (Port 443)
- https://pbdlsp1b.pb.com (Port 443)
- https://pbdlsp1z.pb.com (Port 443)
- OS Updates
- https://pb-ota.redbend.com (Port 443)
- Main Download Services entry
- Manage Accounts (Accounting) – separate PB Server that manages accounting including account creation, reports etc.
- Accounting Web Application:
- https://ms1app.pb.com/ (Port 443)
- Accounting Web Services:
- https://ms1app.pb.com/ms1atweb/services/ (Port 443)
- Accounting Web Application:
- Online Help – online support website
- https://eureka.pitneybowes.com/sendpro-c-series/gb/SV63242-gb-help/Default.htm (Port 80)
- Health Data Update – machine health Information upload
- https://s3.amazonaws.com (Port 443)
- Network Connectivity Test Site – used by tablet’s Android O/S to confirm connectivity
- https://connectivitycheck.gstatic.com/generate_204 (Port 80)
- Important: Connectivity tests also use Google DNS explicitly (8.8.8.8 Port 53)
- PB Web Services Support – used by several PB applications including Shipping
- https://api.pitneybowes.com (Port 443)
- https://api.precisely.com (Port 443)
- https://pitneybowes.okta.com (Port 443)
- https://microsoft.com (Port 443)
- https://microsoft.com (Port 80)
- https://mail.o365.pb.com (Port 80)
- Parcel Shipping – Parcel Shipping Labels
- https://foundation.sending.us.pitneybowes.com (Port 443)
- https://shipping.sending.us.pitneybowes.com (Port 443)
- https://integration.sending.us.pitneybowes.com (Port 443)
- https://locations.sendpro.pitneybowes.com (Port 443)
- https://uam.sendpro.pitneybowes.com (Port 443)
- https://sending.us.pitneybowes.com (Port 443)
- https://sendpro.pitneybowes.com (Port 443)
Recommended URLs
We recommend these URLs are left open, but if this presents a security issue, they can remain blocked. They are enabled by default.
- Device Management (uses Port 443 or 80 unless otherwise stated).
- https://smb.pitneybowes.com
- https://prov.mdm.pitneybowes.com
- https://api.mdm.pitneybowes.com
- https://cn977.awmdm.com
- https://ds977.awmdm.com
- https://play.google.com
- https://gate.hockeyapp.net
- https://e.crashlytics.com
- https://android.googleapis.com
- https://play.vidyard.com/
- https://www.youtube.com/
- https://s3-us-west-2.amazonaws.com/
- https://mobile-gtalk.l.google.com (Port 5228)
- a21iywh40b72eh-ats.iot.us-west-2.amazonaws.com
- alt2-mtalk.google.com
- alt5-mtalk.google.com
- alt6-mtalk.google.com
- alt8-mtalk.google.com
- android.clients.google.com
- android-safebrowsing.google.com
- api.crashlytics.com
- apis.google.com
- app-measurement.com
- aws.amazon.com
- captive.apple.com
- cloudconfig.googleapis.com
- cognito-identity.us-east-1.amazonaws.com
- content.googleapis.com
- csd-error-logs.s3.amazonaws.com
- csd-error-logs.s3-us-west-1.amazonaws.com
- csd-launcher.s3.amazonaws.com
- csd-launcher.s3-us-west-1.amazonaws.com
- csd-mailing.s3.amazonaws.com
- csd-mailing.s3-us-west-1.amazonaws.com
- csd-remote-config.s3.amazonaws.com
- csd-remote-config.s3-us-west-1.amazonaws.com
- csd-translations.s3.amazonaws.com
- csd-translations.s3-us-west-1.amazonaws.com
- digitalassetlinks.googleapis.com
- dl.google.com
- docs.google.com
- ES-MAD-ANX-R010.teamviewer.com
- firebaseinstallations.googleapis.com
- fonts.googleapis.com
- fonts.gstatic.com
- GB-LON-ANX-R008.teamviewer.com
- hshh.org
- in.appcenter.ms
- lh3.googleusercontent.com
- master3.teamviewer.com
- mdh-pa.googleapis.com
- mtalk.google.com
- pagead2.googlesyndication.com
- phonedeviceverification-pa.googleapis.com
- ping3.teamviewer.com
- play.googleapis.com
- pool.ntp.org
- r1—sn-8pgbpohxqp5-auol.gvt1.com
- r2—sn-8pgbpohxqp5-auol.gvt1.com
- r3—sn-8pgbpohxqp5-auol.gvt1.com
- r3—sn-8pgbpohxqp5-auos.gvt1.com
- r6—sn-8pgbpohxqp5-auol.gvt1.com
- r7—sn-8pgbpohxqp5-auol.gvt1.com
- r8—sn-8pgbpohxqp5-auol.gvt1.com
- redirector.gvt1.com
- registrar.iot.pitneycloud.com
- reports.crashlytics.com
- safebrowsing.googleapis.com
- settings.crashlytics.com
- ssl.gstatic.com
- time.apple.com
- www.google.com
- www.googleapis.com
- www.gstatic.com
- www.pitneybowes.com
- www.mailcoms.co.uk
Remote Access
TeamViewer is an application that lets Mailcoms Service access your device remotely, when you authorize it. (A TeamViewer session can only be initiated by someone on your end, therefore the system cannot be accessed without your knowledge.) There are two ways to unblock TeamViewer:
- General unblocking of Port 5938 TCP for outgoing connections (recommended). Port 5938 is only used by a few applications and therefore there is no security risk. This traffic should be filtered or cached.
- Unblocking URLs of the following formats (to any server) GET:
- /din.aspx?s=…&client=DynGate…GET
- /dout.aspx?s=…&client=DynGate…POST
- /dout.aspx?s=…&client=DynGate…
Regardless of which method you choose to unblock TeamViewer, verify there are no content filters or anything similar blocking one of these URLs:
- *.TeamViewer.com
- *.dyngate.com
Communications
The franking machine connection uses these ports and protocols. The system will require access through your network and firewall.
- All communication is initiated from the system via ports 80 (HTTP) and 443 (TLS).
- All communications from the system to the back end system are in the form of XML messages.
Ports
Port 80 (HTTP)
- Web Services
- TeamViewer (remote access software)
Port 443 (TLS)
- The franking machine sends requests to refill or audit its PSD (Postal Security Device) when the user requests it or an inspection is required. Audits occur if the PSD inspection date has expired.
- Transaction records from the franking machine are automatically uploaded when a user message appears (within three days of the mail being generated).
- O/S updates and PB Application Software and Rates Data updates.
Port 53
- DNS lookup
IMPORTANT: If your IT department uses a rules-based method for allowing specific ports to pass traffic on their network for port 53, you must allow both UDP and TCP traffic to this port.
Advanced Network Requirements
The franking machine initiates all communication (via HTTP or TLS), so it can safely sit behind most corporate firewalls
- High-speed network connection.
- The franking machine supports 802.11n Wi-Fi WPA, WPA-2 PSK, WPA-802.1x (LEAP) protocols.
- Due to security issues, WEP Wireless Security Protocol is not supported.
- Both 2.4 and 5 GHz frequency band wireless is supported.
- The franking machine communicates to external web services via HTTP over Port 80.
- The franking machine communicates to PB secure server(s) via TLS over port 443.
- The franking machine uses Port 53 for DNS lookup.
- Mailcoms requires a minimum network bandwidth of 384 kbps (upstream and downstream) to operate, but we recommend 1 Mbit/sec for best performance.
- Mailcoms recommends that DSL or cellular devices are not shared across multiple systems.
- Customer owned web filtering devices or software, as well as SSL packet inspection should be disabled for these ports as they can affect performance or could prevent functionality.
- The internal base and tablet communication uses a subnet that consists of IPs from the 192.168.10.240 to 192.168.10.255 and 192.168.10.96 to 192.168.10.111 ranges. When the franking machine is connected to a network that has a default gateway which uses any address in these ranges, the franking machine will not be able to communicate on the network because messages can not be routed properly.
If you are unable to connect to the internet, ask your IT department to check the internet settings before you contact Mailcoms. If you still need assistance, please use the Contact Us options below. If you still need assistance, please contact us on 01543 572 776.
