I know this seems like a moot point to public mail servers, but in my case we're in a corporate environment where the security requirements are quite different. Now that we have this swanky new web client in common use, I've had the inclination to make it available directly on the internet as opposed to our current VPN-centric setup. However, I'm concerned about directly exposing any part of our core mail server(s) to the internet.
Ideally, we'd have a separate machine in a DMZ that would handle the direct traffic, but so far it seems like I have to run nearly a complete ZCS install to get a fully functioning web client. Is it possible to run *just* a web client instance that would connect back to the core server? We may also need to make Zimbra Mobile available outside, is that a separate component or are they both just part of mailboxd?
Is there a official best practice in a scenario like this?