And apologies for yet another post addressing DNS issues, but what looked like a straightforward setup is turning into a major headache.
I'd like to integrate a new Zimbra installation into a private LAN setup. DNS is provided with local authority only (i.e., 192.168.2.0/24 <-> sub-domain.mydomain.com). NS and other public services for mydomain.com are currently handled by an outside provider.
Bucking the current trend to sign away control over data and interface, I decided to take mail services for mydomain.com in-house using port forwarding from/to the filtering gateway serving my (private) sub-domain. 'Public' NS for mail services will still be handled by my ISP, with A records and MX for 'mail.mydomain.com' and 'webmail.mydomain.com' pointing to the gateway's WAN address. For the sake of consistency, and sanity, I'd like the mail server to become part of my (private) sub-domain with a corresponding entry into my (private) DNS server's zone file.
Obviously, some kind of translation between the two worlds will be needed. According to the documentation, Zimbra requires a resolvable local address for communication between the MTA and mail store; my users (and my ISP's smart relay host) require a globally visible domain name.
I've looked into the proposed 'split DNS' solution. However, this runs contrary to what I had in mind. If I understand correctly, I'd be pretending to run a public machine from within a private address space with the help of duplicate, albeit separate, authorities!? To add complexity to non-standard behavior, I would need to throw in a third authority for 'mail.sub-domain.mydomain.com' to complement both the ISP's public and the machine's limited zone file. This decidedly goes against both the consistency and sanity requirements ;-)
Apart from split DNS personalities, is there any other way to handle this (surely not too uncommon) situation? I'm no Postfix buff, but I assume that some kind of user, user group, and domain name translation must be possible. However, I'm afraid that this might break communication among the different parts of the Zimbra suite.
Any pointers greatly appreciated.