set the port by default to 443, as outbound port filtering of uncommon ports is likely to be a common problem in the kind of organisation that wants Defender on machines;
allow the module consumer to override the keyserver using parameters.
I prefer 443 over 80 to prevent man-in-the-middle attacks.
In a heavily firewalled build environment, the use of port 80 needs to be explicit to prevent the use of a special-purpose key-server port.
Keyserver.txt