High Performance, Security, Redundancy
I am new to Zimbra, but not new to linux, security, largescale systems or identity. On my site I run, PostgreSQL, FedoraLDAP, Tomcat, jBoss, Postfix etc already. I have looked at how Zimbra package their product I must admit with some smiles. (Yes I know I could restructure with symbolic links BUT... )
Can another LDAP directory be used for the repository. I know it wont work with the supplied install tools (thank goodness). My general comment would be I can snaffle the schema and port them to another LDAP directory where I can provide some proper access control over attributes etc (and that is not active directory). I am building what most would call a site with "military grade security" even though I hate the words. I dont believe your current implementation can meet my requirements for security but I am willing to put in some yards.
Do you use JAAS for (J2EE)tomcat security or have you implemented your own model (havent looked at the code yet)? (I am thinking in the terms of single-sign-on products where I can force authentication in the DMZ using HTTPS access at a gateway, SSL terminate their, run it through application firewalls (to make sure they are not being naughty), and then sent it through another firewall to tomcat knowing already who it is, that the request is clean and that tomcat will not cough up more than it should with the request.)
I have a deployment model in mind that some may have tried and I would like comments if possible. I would put the MTA, Virus and SPAM apps on its own hardware with multiple instances for scalability and security (I think the install suggests tha anyway). Store all mailstore stuff (files, index's and DB's) on a central filestore (SAN/iSCSI) and have virtual machines running on multiple severs with each virtual server instance running tomcat and mounting its own mailstore filesytem from the central filestore. This way you can shift instances of the mailserver around for scale and redundancy as required and it would aid backup/restore
A security comment. Storing the mix of applications, configs, files, databases, indexes and logs on one place by the installer is a very bad model for either security or management. Just my comment!