firewalld firewall-cmd - allow or deny a service

If you are not familiar with firewalld and firewall-cmd, check out our Getting Started article.

The --add-service=service_name option can be used to allow connections to a certain service, such as SMTP.

firewall-cmd --zone=work --add-service=smtp --permanent
firewall-cmd --reload


Each service has an XML file in /usr/lib/firewalld/services that contains the port and protocol used by the service. For example, the ssh.xml file specifies port 22 and the TCP protocol.

<?xml version="1.0" encoding="utf-8"?>
<service>
  <port protocol="tcp" port="22"/>
</service>
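
To see which ports a service name would open before allowing it, the following added example (not part of the original article or of firewalld itself) reads the service's XML definition and prints each port/protocol pair. It goes slightly beyond the text by also checking /etc/firewalld/services, where administrator-supplied definitions take precedence over the packaged ones; the FWD_ETC_DIR and FWD_LIB_DIR variables and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: list the port/protocol pairs a firewalld service definition opens.
# The directories can be overridden (assumed variable names) so the functions
# can be exercised against constructed files instead of the live system.
FWD_ETC_DIR="${FWD_ETC_DIR:-/etc/firewalld/services}"      # administrator overrides
FWD_LIB_DIR="${FWD_LIB_DIR:-/usr/lib/firewalld/services}"  # packaged defaults

# Print the path of the definition that applies to service $1.
# A file in the /etc directory takes precedence over the packaged one.
service_file() {
    for dir in "$FWD_ETC_DIR" "$FWD_LIB_DIR"; do
        if [ -f "$dir/$1.xml" ]; then
            printf '%s\n' "$dir/$1.xml"
            return 0
        fi
    done
    return 1
}

# Print every <port .../> element of service $1 as "port/protocol", one per line.
# Attribute order inside the element does not matter.
service_ports() {
    file=$(service_file "$1") || { echo "no definition found for $1" >&2; return 1; }
    grep -o '<port [^>]*>' "$file" | while IFS= read -r elem; do
        port=$(printf '%s\n' "$elem" | sed -n 's/.*port="\([^"]*\)".*/\1/p')
        proto=$(printf '%s\n' "$elem" | sed -n 's/.*protocol="\([^"]*\)".*/\1/p')
        printf '%s/%s\n' "$port" "$proto"
    done
}

# When run as a script with a service name, show what allowing it would open.
if [ "$#" -gt 0 ]; then
    service_ports "$1"
fi
```

Run it with a service name such as ssh before using --add-service; if a file for that service exists under /etc/firewalld/services, the ports printed come from that file rather than from the packaged definition.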


