Quote:
|
Originally Posted by LMStone Having an internal DNS server with the private, rather than public IP of the Zimbra host is possibly how you are keeping internal transports internal.
Would you mind confirming that your internal DNS server uses private IPs for the Zimbra MTA (Postfix) and mail store (Cyrus) servers? |
Yes. Internal DNS maps private IPs for both servers. Heres a snippet from my nslookup for my mta svr. (I have to alter domain/public IP for privacy if you dont mind)
Code:
> server 10.0.0.2
> pluto.domain.net
Server: 10.0.0.2
Address: 10.0.0.2#53
Name: pluto.domain.net
Address: 10.0.0.188
>server 203.x.x.x
> pluto.domain.net
Server: 203.x.x.x
Address: 203.x.x.x#53
Name: pluto.domain.net
Address: 219.x.x.x
For the outside DNS is abit confusing. My place have 2 uplinks to the outside (203.x.x.x & 219.x.x.x). DNS resides at the 128kbps line with IP 203.x.x.x. Currently the MTA svr is being NATd to the 2Mbps SDSL line with IP 219.x.x.x which is faster and more suitable for zimbra.
For MX records, I added 2 separate records for internal and external. It is no point if the MX record is only recorded at the external DNS as it will also redirect emails outside and back to the inside.
Code:
> domain.net
Server: 10.0.0.2
Address: 10.0.0.2#53
domain.net mail exchanger = 10 support.domain.net.
domain.net mail exchanger = 0 pluto.domain.net.
> domain.net
Server: 203.x.x.x
Address: 203.x.x.x#53
domain.net mail exchanger = 10 support.domain.net.
domain.net mail exchanger = 0 pluto.domain.net.