We are about to set up a new Network Edition Zimbra server, and I'd like to get everyone's views on the pluses and minuses of different configurations, please.

Specifically, we are looking for opinions on the use of Public vs. NAT'd IP addresses for the Zimbra server as well as whether to run BIND on the Zimbra server.

Our sense from the docs is that the traditional Zimbra install (let's keep this as a single server install for the moment) has the Zimbra server configured with a public IP address and a running installation of BIND configured with zone files for the domains installed on the Zimbra server.

Our existing Zimbra install has our server configured with a private IP address (NAT'd from the public IP by our firewall), and no BIND installed (instead relying on the local DNS servers provided by our colo host).

We have built many Postfix/Cyrus servers, so we understand the need for a fast, local DNS server (especially for Postfix's anti-UCE capabilities). But we have seen DNS servers get hammered frequently so would like to avoid running BIND if possible.

What are your preferred way(s) of setting up Zimbra?

TIA,
Mark