The install/setup of the Open Source Ed looks simple-enough.

I'm a Linux user, but I haven't setup a mail server just yet.

Are there any posts/URLs to adequately securing the installation post-install? For example, does the default Zimbra config allow it to be an "open relay" (sounds bad)?

Why no firewall install recommended? Although this server will be behind a firewall, I don't see the reason to allow all ports open to everyone by default.

Basically, please forgive the newbie questions and let me know where I should go to help myself figure this out? (I know that stmt opens-me-up for a couple of wisecracks...)

Thanks in advance,
AJ