Here's how I have solved this problem, without changing ANYTHING on the Zimbra server. The only thing I did was add a NameVirtualHost on Apache running on the linux1 box and use mod_proxy for forwards.
I added a new sub-domain webmail.mydomain.com. This is a CNAME entry and points to the same server mydomain.com (or linux1 on my LAN).
Here's how the config looks:
'lan' is my local intranet domain. I run a local DNS for my intranet. Hence I don't have to use IP addresses in the ProxyPass.
You need the mod_proxy module enabled for Apache (on linux1).
On linux1 box (which also hosts my web server for *.mydomain.com)
Code:
UseCanonicalName Off
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName www.mydomain.com
    DocumentRoot /var/www/www.mydomain.com/htdocs
    ScriptAlias /cgi-bin /var/www/www.mydomain.com/cgi-bin
</VirtualHost>
:
:
# Redirect traffic to/from webmail.mydomain.com to zimbra.lan
<VirtualHost *:80>
    ServerName webmail.mydomain.com
    ProxyPass / http://zimbra.lan/
    ProxyPassReverse / http://zimbra.lan/
</VirtualHost>
As stated earlier, zimbra.lan server is not visible directly from outside.
I am now forwarding ports 25 and 993 (only IMAPS) from the outside world to zimbra.lan using bastille-firewall (iptables) on linux1. I am able to send and receive mail fine. The web mail interface works like a charm with this setup.
This way I didn't have to change ports of any of my existing sites and I get to use full functionality of Zimbra server without modifying the default configuration.
The beauty of this setup is I can still keep using my SquirrelMail (which I run on www.mydomain.com/squirrelmail) and only change its config to use the zimbra.lan IMAP server instead.
I have seen so much discussion on this forum on the forwarding issue, and I hope many people will find this kind of setup useful.
Thanks to all who helped me with this.
Zimbra Rocks!
-amit
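
A quick way to review a reverse-proxy vhost like the one in the post before exposing it, as an added example that is not part of the original post: the script parses `<VirtualHost>` blocks and reports forward proxying left on, a `ProxyPass` with no matching `ProxyPassReverse`, and proxy vhosts served without TLS. The sample config is constructed; `test.mydomain.com` and the function names are hypothetical.

```python
import re

# Constructed sample: the post's webmail vhost, then a hypothetical vhost
# with two deliberate mistakes (forward proxying on, no ProxyPassReverse).
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName webmail.mydomain.com
    ProxyPass / http://zimbra.lan/
    ProxyPassReverse / http://zimbra.lan/
</VirtualHost>
<VirtualHost *:80>
    ServerName test.mydomain.com
    ProxyRequests On
    ProxyPass /mail http://zimbra.lan/
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def directives(body):
    """Yield (lowercased directive name, [args]) for each non-comment line."""
    for line in body.splitlines():
        parts = line.split()
        if parts and not parts[0].startswith("#"):
            yield parts[0].lower(), parts[1:]

def audit(conf_text):
    """Return {ServerName: [findings]} for every vhost that uses ProxyPass."""
    report = {}
    for addr, body in VHOST_RE.findall(conf_text):
        d = list(directives(body))
        passes = {a[0] for n, a in d if n == "proxypass" and len(a) >= 2}
        if not passes:
            continue  # not a reverse-proxy vhost, nothing to check here
        reverses = {a[0] for n, a in d if n == "proxypassreverse" and a}
        name = next((a[0] for n, a in d if n == "servername" and a), addr.strip())
        findings = []
        if any(n == "proxyrequests" and a and a[0].lower() == "on" for n, a in d):
            findings.append("ProxyRequests On: host also acts as a forward proxy")
        for path in sorted(passes - reverses):
            findings.append(f"no ProxyPassReverse for {path}: backend redirects expose the internal name")
        if not any(n == "sslengine" and a and a[0].lower() == "on" for n, a in d):
            findings.append("plain HTTP vhost: logins to the proxied app travel unencrypted")
        report[name] = findings
    return report

if __name__ == "__main__":
    for host, findings in audit(SAMPLE_CONF).items():
        print(host, findings or "ok")
```
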