KB 1292        Last updated on 07/11/2015  

(0 votes)

Here's a quick overview of what you need:

First, remember that you need to set up an MX record for the DOMAIN, which points to the A record for the HOST, which will be the IP ADDRESS of the box running zimbra.

Example: Zimbra is running on zcs.domain.com, IP You send mail to user1@domain.com

Postfix will look up the MX record for domain.com, which will return zcs.domain.com, IP address

Something like this is the file you need. This sets itself up as the SOA for the domain.com domain, sets the NS record to be zcs.domain.com, standard timeout stuff, then adds one MX record, plus the A record that corresponds to the MX record.

$TTL 3D @ IN SOA zcs.domain.com. zcs.marcmac.com. (

8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
NS zcs ; Inet Address of name server
MX 10 zcs.domain.com. ; Primary Mail Exchanger

zcs A

mail IN CNAME zcs ; CNAME for a common nickname

otherhost IN A ; another host, for example

www IN CNAME otherhost ; with a nickname

So, drop that in the domain.com file in /var/named/data (or /var/named/chroot/var/named/data, depending).

In /etc/named.conf (or /var/named/chroot/etc/named.conf), you'll put:

options {

directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";


include "/etc/rndc.key";

zone domain.com {

type master;
file "/var/named/data/domain.com";


A note about chrooting - most name servers run in a chrooted environment - so, you'll create the files in /var/named/chroot/whatever - but remember, when named is running, it's paths are relative to the chroot - so when you REFER to a file (as I do above in the named.conf snippet) you'll have absolute paths that are relative to the chroot.

Is it chrooted? Check /etc/sysconfig/named for a ROOTDIR value. If it's present, then that's your chroot.

Also, make sure that this nameserver is listed first in resolv.conf. Also, if there are other hosts in this domain, you should add them, too - or you won't be able to resolve them.

CAVEAT - I haven't touched my named config in a while, so more recent bind versions may be pickier than mine - but this should work.

Another CAVEAT - Run named chrooted, as a non-root user. Bind is known for exploits, and being hacked is a drag. My examples are just to get you going, and aren't intended as a Bind security primer.

Firewall and DNS

If you are running a ZCS installation that is behind a firewall and has its IP address masked using NAT, mail delivery may not work correctly if the internal IP address is not listed in DNS. In order to reconcile the private and public IP addresses in DNS, you may need to set up Split DNS. More information on Split DNS configuration is available on the Incoming Mail Problems page.

Verified Against: Zimbra Collaboration 8.6, 8.0 Date Created: 04/16/2014
Article ID: https://wiki.zimbra.com/index.php?title=DNS Date Modified: 07/11/2015

Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search