How to best handle transition between servers - names and DNS

[neontangerine]

I posted a question in the Admin forum regarding certificates that is related to this, however after researching I am pretty sure I know what I must do.

I am in the middle of moving approx 40 users over from using Google as our company email solution, to our own in-house hosted Zimbra install. Things are going quite well aside from a few missing messages during the impasync that I am working through.

My bigger problem is related to my SSL certificate and also our DNS records. I am only allowing https and imaps connections to our server, and smtp is using TLS authentication. http, imap, and pop are all blocked at the firewall and not permitted due to our security rules.

The install was done with the zimbra server having the name 'mail.mydomain.com' however this publicly still points to Google to support the users that are not yet migrated. I am actually using a second catch-all domain 'mail.mydomain.ca' to handle messages forwarded from Google to Zimbra until I can move my A and MX records.

IS there a way I can configure my MX and A records so that all my email goes to my Zimbra server, and then for users not yet migrated it is then forwarded to Google without losing the domain information?

I am working to move the remaining users as quick as possible but there have been some scheduling issues and it is important that I not interfere with people's mail any more than necessary. I also have some people travelling that complicates this process.

Any help or recommendations of how to best handle this would be appreciated.