Hello all, we're seeing an issue that we can't quite seem to figure out. We have a edge mta that uses MailScanner for the normal stuff. All emails are routed internally (in a DMZ) to zimbra where all the user accounts reside. Everything works fine for standard user accounts, however we have one issue with the local root account on the box that zimbra is installed on.

Since Zimbra is installed internally with the edge MTA being the only externally visible entity, we have DNS setup such that the MX records to the known world are to the edge MTA, and internal DNS MX records point to Zimbra.

The goal is that only external (non-local domains) should get forwarded to the edge MTA for delivery while everything else stays in Zimbra. First of all it doesn't appear that is actually happening. Second, the issue is that we continue to get 554 reject messages for mail originating from the host in which Zimbra resides (i.e. root@zimbra.domain.com)

What settings can I double check to make sure that we're only routing non-local deliveries to the edge MTA?

Thanks.