[Bug] Review and Secure Public vs Private Ports & Disable Unnecessary Metrics Endpoints

[Aravinda-HWK]

What needs to be done?

We need to review the current email system deployment and clearly identify:

• Which network ports must be publicly accessible
• Which ports must remain private/internal only
• Which metrics and exporter endpoints are unnecessarily exposed and should be restricted or removed

Currently, multiple services expose management, metrics, and internal communication ports that do not need public access, increasing the attack surface.