Using Google Container Engine (GKE) with Container Optimized Images the external interfaces (ephemeral IPs) seem to be listening on ports 110, 143, 993, 995, etc. as demonstrated via a port scan with nmap
:
Nmap scan report for 236.185.xxx.xx.bc.googleusercontent.com (xx.xx.185.236)
Host is up (0.0025s latency).
Not shown: 65529 filtered ports
PORT STATE SERVICE
22/tcp open ssh
110/tcp open pop3
143/tcp open imap
993/tcp open imaps
995/tcp open pop3s
3389/tcp closed ms-wbt-server
I can connect via telnet but ports provide no response:
$telnet 35.192.xxx.xxx 993
Trying 35.192.xxx.xxx...
Connected to xxx.xxx.192.35.bc.googleusercontent.com.
Escape character is '^]'.
USER FOO
Connection closed by foreign host.
Finally, if you ssh to a node instance, there's no evidence of anything listening on ports 110, 143, 993, or 995.
Hoping to shed a light on this mystery!