@albert8988 if you need that kind of assistance, I would recommend to find a VAR from Zimbra that helps you with it or even, although is buggy (for instance, the VAR that I work for is not listed even when we work with Zimbra since 2008) here is VAR locator you could use: https://www.zimbra.com/partners/resellers/
@milauria What I meant with "deploying an all-in-one while doing so is just not a good practice", is based on my understanding of basic network segmentation and my own experience with customers where all of them have at least 1 DMZ to provide access to their data (usually in a "server network"). As you said, it is doable (I deployed several single-servers but only in my labs), is just not a good practice. If I may, I would suggest to you to consider these things:
- Even if the enviroment where you are deploying Zimbra has no DMZ, try to deploy multi-server with ldap/store on one and mta/proxy on the other. Explain the customer why to consider a DMZ https://en.wikipedia.org/wiki/DMZ_(computing
- I never worked with a customer that did not have a DNS in the LAN already, but if that's the case, I would recommend to have a separate server to host your DNS.
- I'm not aware of any situation why dnscache should not be enabled*. It is just a way of avoiding having to query the DNS server for a name resolution each time a mail is being sent. It is more secure and faster than not having it activated. https://wiki.zimbra.com/wiki/DNS_cachin ... _(dnscache
*edit: unless you install a dns server in the same server where you have Zimbra, which in other point I recommend not to do.