New year, new environment. I got laid off from my last employer, and they were kind enough to not whack my mailbox on the spot (2 1/2 years as network admin has to count for something, right?), and I've just now finally gotten built a sufficiently ballsy box to run Zimbra to move my mail to.

So I installed 6.0.8CE.

And, of course, because I'm not running DNS on *this* much smaller LAN, I got bitten by the LMTP/7025 problem mentioned here:

Incoming Mail Problems - Zimbra :: Wiki

It seems to me that this problem is one of an entire class of problems which are the result of the Zimbra architectural people not understanding, deep in their bones, that nearly *all* of their installs:

1) will be behind a firewall; normally a NAT firewall
2) will be done at a time when the public MX address won't necessarily yet point to the server, 'cause you need to *test* the server first, and
3) will be on a machine that only actually responds to the public IP of its MX because of that NAT.

That is: the machine will next to *always* have a private LAN address, and that name won't resolve to the same thing inside and outside a network.

Because of this, lots of assumptions made by the installer and the system about equivalences between public and DNSable addresses, and the actual physical IPs of the boxen are invalid assumptions in this very common setup.

While the prescribed Split-DNS solutions *will* fix this problem, they're somewhat overcomplicated for really small sites, *and* they make it difficult to figure out what answers you're supposed to provide during install and some of config, as well.

I'm open to opinions that one or more of these assertions are either totally incorrect, or do not apply sufficiently widely for them to take notice of... but I think they do.

On this specific point, there ought to be a much easier and less breakable way to force the LMTP delivery point in the configuration. I haven't checked 'zilla yet; perhaps someone's already hung this bug...
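
A quick check for the name-resolution mismatch described in the post, as an added example that is not part of the original post and not Zimbra's own tooling. It compares what the local resolver returns for the mail host name against the addresses actually bound on the box, then tries the LMTP port; `mail.example.com` and all IP addresses are constructed placeholders, and 7025 is the LMTP port named in the post.

```python
import ipaddress
import socket

LMTP_PORT = 7025  # LMTP port named in the post
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def resolve(hostname):
    """Return the IPv4 addresses the local resolver gives for hostname."""
    infos = socket.getaddrinfo(hostname, LMTP_PORT,
                               family=socket.AF_INET, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def diagnose(resolved, local):
    """Classify each resolved address against the addresses bound on this box."""
    bound = {ipaddress.ip_address(a) for a in local}
    report = {}
    for text in sorted(resolved):
        addr = ipaddress.ip_address(text)
        if addr in bound:
            report[text] = "ok: bound on this host"
        elif addr.is_loopback:
            report[text] = "loopback: reaches this host only"
        elif any(addr in net for net in RFC1918):
            report[text] = "mismatch: RFC 1918 address of another host"
        else:
            report[text] = "mismatch: not bound here, likely the NAT side"
    return report


def lmtp_reachable(address, timeout=3.0):
    """Attempt a TCP connect to the LMTP port and look for a 220 greeting."""
    try:
        with socket.create_connection((address, LMTP_PORT), timeout=timeout) as s:
            return s.recv(256).startswith(b"220")
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample: the name resolves to the public (NAT) address while
    # the box itself only has a private LAN address and loopback.
    # On a live server use diagnose(resolve("mail.example.com"), <local IPs>).
    for addr, verdict in diagnose({"203.0.113.25"},
                                  {"192.168.1.10", "127.0.0.1"}).items():
        print(addr, "->", verdict)
```

Any `mismatch` line means the name the server uses for itself points somewhere other than the box, which is the condition the post attributes the LMTP/7025 delivery failure to.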