Help, pls, with new Ubuntu 8.04 standalone install

[chain]

hello,
I have ubuntu server joined to windows domain and behind the router
for example my internal windows domain is loc.network
but my public domain is systems.ru with public ip 77.77.77.77
mail server internal ip is 192.168.8.10 and name is 'mail'

so my /etc/hosts now is

Code:

127.0.0.1 localhost
192.168.8.10 mail.loc.network mail

also I configure bind with 2 external dns servers, bind zone config is

Code:

;
; BIND data file for systems.ru
;
$TTL    604800
@       IN      SOA     mail.systems.ru. admin.systems.ru. (
                        2008122523
                        1500
                        600
                        2419200
                        3600 )
;
@       IN      NS      mail
        IN      MX      10 mail
        IN      A       77.77.77.77 ; public ip
mail    IN      A       77.77.77.77 ; public ip
systems.ru.   IN      NS      ns4.nic.ru. ; external secondary dns
systems.ru.   IN      NS      ns8.nic.ru. ; external another secondary dns

so as server not in dmz I have to use public IP 77.77.77.77
when i check dns with dnsreport.com or intodns.com, all is ok
but when I try to install ZCS I get the error:

Code:

Create Domain: [systems.ru] systems.ru
	MX: mail.systems.ru (77.77.77.77)

	Interface: 192.168.8.10
	Interface: 127.0.0.1


DNS ERROR - none of the MX records for systems.ru
resolve to this host
It is suggested that the MX record resolve to this host
Re-Enter domain name? [Yes]                  
Create Domain: [systems.ru] mail.systems.ru

if I try to change to mail.systems.ru I got the same error:

Code:

Re-Enter domain name? [Yes]                  
Create Domain: [systems.ru] mail.systems.ru


DNS ERROR resolving MX for mail.systems.ru
It is suggested that the domain name have an MX record configured in DNS

nslookup show me that all is ok with with dns

Code:

nslookup systems.ru 127.0.0.1
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	systems.ru
Address: 77.77.77.77


nslookup mail.systems.ru 127.0.0.1
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	mail.systems.ru
Address: 77.77.77.77

nslookup mail.systems.ru ns4.nic.ru
Server:		ns4.nic.ru
Address:	194.226.96.8#53

Name:	mail.systems.ru
Address: 77.77.77.77

if i'll change public ip (77.77.77.77) in zone record to private (192.168.8.10), i'll complete instalation, if i'll change dns zone again to public IP, I can to send mail from internal network, but i cant to receive mail.. when I try to send something for example from gmail, i got the next error:

This is the mail system at host mail.loc.network.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

: Host or domain name not found. Name service error for
name=mail.loc.network type=A: Host not found

Final-Recipient: rfc822; chain@systems.ru
Original-Recipient: rfc822;chain@systems.ru
Action: failed
Status: 5.4.4
Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error
for name=mail.loc.network type=A: Host not found

help,please, I have only this weekend to resolve the problem

[phoenix]

Use a Split DNS set-up: Split DNS - Zimbra :: Wiki

[chain]

thanx, but thats is not suitable for my example
my router configured to send external DNS queries (53 port) to server with ZCS. that is only external DNS server that I need.

as an example, when I configure the same structure in windows:
I have one AD DNS for internal use on PDC, and one public DNS server on email server
So I need to configure DNS with public IP on the same machine where I install ZCS

[phoenix]

thanx, but thats is not suitable for my example
my router configured to send external DNS queries (53 port) to server with ZCS. that is only external DNS server that I need.

Yes, that is exactly the set-up you need - I wouldn't have said it if it wasn't needed. If your zimbra server is behind a NAT router (and yours is) then you need a split dns set-up. Read the description in the link I provided, all will be revealed.

[chain]

u r right, but with that config I can see my internal net structure from internet and get the errors from checkdns servers like that:

IPs of nameservers are public ERROR: mail.systems.ru


MX IPs are public The MX ips that do not seem valid:
192.168.8.10
This can cause problems

are there any other ways to solve that?

[phoenix]

Are you saying that your DNS server is answering public requests for your LAN? If that's the case you should not be doing that, your LAN DNS server should only answer requests for your LAN other DNS records should be handled by external (to your LAN) servers.

[chain]

no no, but anyone from internet can see my mail server internal ip
i didn't use providers dns service, i prefer to rule dns server that answering for my mail by myself. only secondary dns servers are external.
may be my english is not so good to explain, sorry for that

[phoenix]

If you mean they can see your internal IP address in the email then it makes no difference. What problem do you think that's going to cause you? I don't really understand what the problem is from your description.

[chain]

thanx for answers.
i've never try to configure dns with bind9, that is my first try, may be something wrong with my config..
my server (mail and DNS) is behind the router but all requests to 53 and 25 ports forwarded to it, so in windows all works good. I have public IP's in dns configuration and can use Exchange, Kerio and so on.
In Linux I have the same structure DNS and Mail server are running on the same machine.
But with bind9 and ZCS the only way I can receive external mail is to show private (local) server IP in dns configuration like this.

Code:

;
; BIND data file for systems.ru
;
$TTL    604800
@       IN      SOA     mail.systems.ru. admin.systems.ru. (
                        2008122523
                        1500
                        600
                        2419200
                        3600 )
;
@       IN      NS      mail
        IN      MX      10 mail
        IN      A       192.168.8.10 ; private ip
mail    IN      A       192.168.8.10 ; private ip
systems.ru.   IN      NS      ns4.nic.ru. ; external secondary dns
systems.ru.   IN      NS      ns8.nic.ru. ; external another secondary dns

if I change private addresses to public all dns requests are ok, but ZCS can't start

another thing I notice, when I configure bind9 with private IP I can to start ZCS and receive external mail, but with a very big time delay, sometimes about some hours. Especially from gmail.