I have an issue with the email address returned when I search the Zimbra GAL for recipients, inside Zimbra Webmail as well as Thunderbird Addressbook.

I'm using ZCS 5.0.12 OpenSource Edition in a multi server configuration, and I have 3 mail domains :

- fr.yy.zz mail domain with authentication using Active Directory domain controllers for French employees; it's where accounts are created
- us.yy.zz mail domain set exactly like the 1st one for US employees, authenticated against another AD domain; there are accounts also here
- example.com with internal authentication, containing only aliases pointing to accounts in the domains @fr.yy.zz or @us.yy.zz

Let me call "account mail address" the one in the form <login>@fr.yy.zz (or @us.yy.zz), and the "public mail address" the one in the form <surname>.<name>@example.com (and the only one that must be exposed to Internet).

This allows me to log in using the "public" mail address as login, Zimbra uses the appropriate domain controller to authenticate, that is good.

I carefully configured Canonical addresses in accounts to contain public mail address, as I read in the forum that this is the email that should be "exposed" when searched everywhere in Zimbra.

However, when I try a search (with Thunderbird or with Zimbra Webmail), the email displayed is the account mail address instead of the Canonical address I hoped. The account mail address may be reachable inside the LAN/WAN, but surely not outside.

I've digged inside the Zimbra LDAP and noted that mail attribute corresponding to account mail address appears first in the list, and this may be the reason why this mail address is returned. Is there a way to tell Zimbra to return something else than mail attribute (like maybe zimbraMailAlias) ? I tried to change LDAP search filter in Thunderbird, without success.

I'm luckily in a state where I can break everything if I did something wrong...

Any help would be much appreciated.
Thank you in advance.