I've read tons of posts and documentation, but can't wrap my head around this.
Here's the current scenario:
* small office, half a dozen users (mailboxes)
* domain is acmecompany.net
* mail (+ website + DNS) is hosted at ISP (domain: acmecompany.net, can access as pop3.acmecompany.net and smtp.acmecompany.net)
* PCs currently using Outlook / Thunderbird, POP3 (no IMAP)
Here's what I would need:
2) Mail archive
3) Any remote user/roadrunner shall access mail via Zimbra Desktop and VPN
4) Zimbra server installed inside the LAN, no exposure to the internet
5) Incoming mail shall be received by hosted mailserver (Zimbra shall poll mailboxes via fetchmail)
6) Outgoing mail shall be routed through hosted mailserver
7) Outgoing mail shall be stripped of any reference to intermediate hops (Zimbra server, public IP of DSL line), possibly appearing as if it was sent directly from ISP's mailserver
8) Local users shall retain their usual email addresses (email@example.com), without need to change to something like firstname.lastname@example.org, email@example.com etc.
9) Mail between local users should be handled internally by Zimbra server (=not going out to the hosted mail server, then come back in)
1) is obvious, 2) and 3) I know how to handle. I included them in the list so as to give a better idea of the final environment.
4) I know Zimbra is designed to be directly exposed on the internet. But I really want to keep the hosted ISP mail server in the loop. I know this will complicate things, but on the other hand the ISP deals with spam, I don't need to bother with DNS records & firewalling while I can use any means to connect to the internet (multiple DSLs and/or cellular backup), and I will never have to bother with Spamhaus blacklisting because some moron caught a virus and started sending spam through our DSL line.
5) Done that, no particular problem
6) 7) Routing outgoing mail through the hosted ISP mailserver would be nice (although we can always decide to send directly, for example if ISP has technical troubles), although not essential. If possible I would like to hide details of the local net (and especially the public IPs of the DSLs) in the message headers. In short, outside world talks to/from hosted mail server; everything behind that (company DSL, firewall, Zimbra server, local clients) is "our business" (and, ideally, details shall not be leaked in the message header except, possibly, the final mail client--PC with Outlook or Thunderbird).
8) 9) Pretty obvious, no need for further explanations. But absolute requirement, anyway.
But I've hit a wall.
First, I have a domain problem. Hosted mailserver is acmecompany.com and I want to retain email addresses (firstname.lastname@example.org). Therefore I understand that domain on Zimbra should be acmecompany.com as well (and BIND or dnsmasq need to be configured accordingly). But then Zimbra cannot resolve pop3.acmecompany.com nor smtp.acmecompany.com. So, my take is the only chance is to be able to DNS override smtp and pop3.acmecompany.com (which must end up on the hosted mailserver, NOT on the local Zimbra server).
Second, I'm not even sure if my choice of the local Zimbra domain is right. I could call it local.acmecompany.net (!=acmecompany.net), this would solve DNS problems but then local addresses would become email@example.com and this is not what the doctor ordered.
I've read stuff like Domain Masquerading, split DNS, split domain, but can't seem to get a grasp (especially with my scenario).
I'm really confused, can anybody give me some pointers?