I have a rather harsh DMZ requirement to satisfy.

I have an internal network and a DMZ network. My existing mailserver is located on the internal network. Inbound connections from the internet on port 80 and 443 are only allowed to the DMZ. Connections from the DMZ to the internal network are not allowed unless the connection is initiated from the internal network.

I want to setup my new mailserver and allow users to access the new server with web and mobile capabilites.

Is there a way with Zimbra to setup a server on the internal network as my main mailserver and setup a "replication" server on the DMZ. Can this be setup so that the main mailserver will initiate the connection with the replication server in the DNZ? If the setup is possible then can my users access either the internal mailserver or access the replication server via their mobile devices and have the system act like it were a single server?

I have ~20 users that will use this system.