diff --git a/CHANGES b/CHANGES index 58c6cb730b..934ea81f96 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,8 @@ +6089. [bug] Source ports configured for query-source, + transfer-source, etc, were being ignored. (This + feature is deprecated, but it is not yet removed, + so the bug still needed fixing.) [GL #3790] + 6088. [cleanup] /etc/bind.keys is no longer needed and has been removed from the distribution. named and delv can still load keys from a file for testing purposes, diff --git a/bin/tests/system/notify/ns2/named.conf.in b/bin/tests/system/notify/ns2/named.conf.in index 44aac95013..abfdc102e2 100644 --- a/bin/tests/system/notify/ns2/named.conf.in +++ b/bin/tests/system/notify/ns2/named.conf.in @@ -51,16 +51,17 @@ primaries noport { 10.53.0.4; }; masters x21 port @EXTRAPORT1@ { noport; }; zone x1 { - type primary; + type primary; file "generic.db"; also-notify { 10.53.0.3; }; - notify primary-only; + notify-source 10.53.0.2 port @EXTRAPORT2@; + notify primary-only; }; zone x2 { - type primary; + type primary; file "generic.db"; also-notify { 10.53.0.3; }; - notify master-only; # test old syntax + notify master-only; # test old syntax }; zone x3 { type primary; file "generic.db"; also-notify { 10.53.0.3; }; }; diff --git a/bin/tests/system/notify/tests.sh b/bin/tests/system/notify/tests.sh index 748c107217..dad89bd748 100644 --- a/bin/tests/system/notify/tests.sh +++ b/bin/tests/system/notify/tests.sh 
@@ -202,6 +202,10 @@ grep "sending notify to 10.53.0.5#[0-9]* : TSIG (b)" ns5/named.run > /dev/null |
 grep "sending notify to 10.53.0.5#[0-9]* : TSIG (c)" ns5/named.run > /dev/null || ret=1
 test_end
+test_start "checking notify-source uses port option correctly"
+grep "10.53.0.2#${EXTRAPORT2}: received notify for zone 'x1'" ns3/named.run > /dev/null || ret=1
+test_end
+
 # notify messages were sent to unresponsive 10.53.10.53 during the tests
 # above, which should time out at some point; we need to wait for them to
 # appear in the logs in case the tests run faster than the notify timeouts
diff --git a/bin/tests/system/xfer/ns3/named.conf.in b/bin/tests/system/xfer/ns3/named.conf.in
index 76f19b5614..426c008f10 100644
--- a/bin/tests/system/xfer/ns3/named.conf.in
+++ b/bin/tests/system/xfer/ns3/named.conf.in
@@ -50,6 +50,7 @@ zone "example" {
 zone "primary" {
 type secondary;
+ transfer-source 10.53.0.3 port @EXTRAPORT1@;
 primaries { 10.53.0.6; };
 file "primary.bk";
 };
diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh
index 49581a046b..7ff58c7bd0 100755
--- a/bin/tests/system/xfer/tests.sh
+++ b/bin/tests/system/xfer/tests.sh
@@ -573,5 +573,12 @@ retry_quiet 10 check_xfer_stats || tmp=1
 if test $tmp != 0 ; then echo_i "failed"; fi
 status=$((status+tmp))
+n=$((n+1))
+echo_i "test that transfer-source uses port option correctly ($n)"
+tmp=0
+grep "10.53.0.3#${EXTRAPORT1} (primary): query 'primary/SOA/IN' approved" ns6/named.run > /dev/null || ret=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1
diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c
index 00ad70eb80..31bb596a3f 100644
--- a/lib/dns/dispatch.c
+++ b/lib/dns/dispatch.c
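Review bot: The new transfer-source check in bin/tests/system/xfer/tests.sh can never fail, because the grep records a miss with `|| ret=1` while the lines around it reset and test `tmp`, and `status` is incremented by `tmp`. A missing log line therefore leaves `tmp` at 0, so a regression that lets zone transfers leave from the wrong source port again would pass unnoticed. The grep line should end in `|| tmp=1`, matching the `retry_quiet 10 check_xfer_stats || tmp=1` line shown in the hunk header.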
@@ -385,7 +385,7 @@ setup_socket(dns_dispatch_t *disp, dns_dispentry_t *resp,
 dns_dispatchmgr_t *mgr = disp->mgr;
 unsigned int nports;
 in_port_t *ports = NULL;
- in_port_t port;
+ in_port_t port = *portp;
 if (resp->retries++ > 5) {
 return (ISC_R_FAILURE);
@@ -405,12 +405,13 @@ setup_socket(dns_dispatch_t *disp, dns_dispentry_t *resp,
 resp->local = disp->local;
 resp->peer = *dest;
- port = ports[isc_random_uniform(nports)];
- isc_sockaddr_setport(&resp->local, port);
+ if (port == 0) {
+ port = ports[isc_random_uniform(nports)];
+ isc_sockaddr_setport(&resp->local, port);
+ *portp = port;
+ }
 resp->port = port;
- *portp = port;
-
 return (ISC_R_SUCCESS);
 }
@@ -1449,7 +1450,7 @@ dns_dispatch_add(dns_dispatch_t *disp, unsigned int options,
 dns_dispentry_t **respp) {
 dns_dispentry_t *resp = NULL;
 dns_qid_t *qid = NULL;
- in_port_t localport = 0;
+ in_port_t dispport, localport = 0;
 dns_messageid_t id;
 unsigned int bucket;
 bool ok = false;
@@ -1474,8 +1475,12 @@ dns_dispatch_add(dns_dispatch_t *disp, unsigned int options,
 qid = disp->mgr->qid;
- resp = isc_mem_get(disp->mgr->mctx, sizeof(*resp));
+ dispport = isc_sockaddr_getport(&disp->local);
+ if (dispport != 0) {
+ localport = dispport;
+ }
+ resp = isc_mem_get(disp->mgr->mctx, sizeof(*resp));
 *resp = (dns_dispentry_t){
 .port = localport,
 .timeout = timeout,
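Review bot: The new `if (port == 0)` branch in setup_socket() (hunk at -405) lets a configured source port bypass `isc_random_uniform()`, and nothing in the code records that this is intentional. With a fixed port, every query sent through this dispatch leaves from the same predictable port, so source-port randomisation no longer contributes to rejecting forged replies and the message ID is presumably the main unpredictable value left. I would add above the branch `/* A nonzero *portp is an operator-configured source port and is used as-is; only 0 selects a random port from the permitted set. */`. The function comment should also say that `portp` is now an in/out parameter, since the initializer `in_port_t port = *portp;` in the hunk at -385 reads it before anything is written. setup_socket() starts and ends outside both hunks.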
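Review bot: In dns_dispatch_add() (hunk at -1474) the temporary `dispport` exists only to be copied into `localport`, so the extra variable and the `if` can be folded into one assignment. `localport` is initialised to 0 in the declaration changed at -1449 and the branch overwrites it only with a nonzero value, so `localport = isc_sockaddr_getport(&disp->local);` yields the same result in both cases, provided nothing between the two hunks assigns `localport`. The declaration could then stay `in_port_t localport = 0;`. A one-line comment such as `/* Use the dispatch's configured source port, if any; 0 means none was set. */` would explain why the port is read here. The function body continues outside the hunk.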