pfSense – How to add an MX record to a local zone

My plan was to have a Zimbra e-mail server running in VirtualBox using the internal networking model with a local domain. To make this work, I have a virtual pfSense box running on the same internal network to provide “outside” access. pfSense is also running a DNS resolver, so I figured it would be a trivial matter to add the local records I needed.

On the DNS Resolver configuration page you have the option to add “Host overrides”, but that only adds A and PTR records. However, the button labeled “Display Custom Options” provides the opportunity to add records directly to Unbound. The syntax is pretty straightforward, as shown below (gracefully lifted from Unbound’s detailed example configuration file):

# a number of locally served zones can be configured.
# 	local-zone: <zone> <type>
# 	local-data: "<resource record string>"
# 
# You can add locally served data with
# local-zone: "local." static
# local-data: "mycomputer.local. IN A 192.0.2.51"

Regarding my own local zone, I ended up with the following records (including A, MX and PTR):

# zimbra1.paranoidpenguin.net local zone
local-zone: "zimbra1.paranoidpenguin.net." static
local-data: "zimbra1.paranoidpenguin.net. IN A 10.0.0.16"
local-data: "mail.zimbra1.paranoidpenguin.net. IN A 10.0.0.16"
local-data: "zimbra1.paranoidpenguin.net. IN MX 10 mail.zimbra1.paranoidpenguin.net."
local-data-ptr: "10.0.0.16 zimbra1.paranoidpenguin.net."

The screenshot below shows the corresponding entries from pfSense (remember to restart the service after changes):

[Screenshot: pfSense DNS Resolver – pfSense 2.3.4 – Services / DNS Resolver / General Settings]
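
Because the zone is declared static, Unbound answers names inside it from local data only, so the MX target needs its own address record in the same block. The following is an added example, not code from the original post or from pfSense/Unbound: it parses the local-zone, local-data and local-data-ptr lines and reports MX targets without an A/AAAA record and PTR entries without a matching forward record. The function names and the SAMPLE text are assumptions made for the illustration.

```python
import re

# Constructed input: the custom options from the post, as pasted into pfSense.
SAMPLE = """\
local-zone: "zimbra1.paranoidpenguin.net." static
local-data: "zimbra1.paranoidpenguin.net. IN A 10.0.0.16"
local-data: "mail.zimbra1.paranoidpenguin.net. IN A 10.0.0.16"
local-data: "zimbra1.paranoidpenguin.net. IN MX 10 mail.zimbra1.paranoidpenguin.net."
local-data-ptr: "10.0.0.16 zimbra1.paranoidpenguin.net."
"""

def norm(name):
    return name.lower().rstrip(".")  # compare names without case or trailing dot

def parse(text):
    """Collect static zones, name -> addresses, MX (owner, target) pairs, ip -> PTR name."""
    zones, addrs, mx, ptrs = set(), {}, [], {}
    pattern = r'^[ \t]*(local-[a-z-]+):[ \t]*"([^"]*)"[ \t]*(\S*)'
    for key, val, ztype in re.findall(pattern, text, re.M):
        f = val.split()
        if key == "local-zone" and ztype == "static":
            zones.add(norm(val))
        elif key == "local-data-ptr":
            ptrs[f[0]] = norm(f[-1])
        elif key == "local-data":
            owner, rest = norm(f[0]), f[1:]
            while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
                rest = rest[1:]  # skip optional TTL and class
            rtype = rest[0].upper() if rest else ""
            if rtype in ("A", "AAAA"):
                addrs.setdefault(owner, set()).add(rest[1])
            elif rtype == "MX":
                mx.append((owner, norm(rest[2])))
    return zones, addrs, mx, ptrs

def lint(text):
    """Return a list of problems; an empty list means the records are consistent."""
    zones, addrs, mx, ptrs = parse(text)
    problems = []
    for owner, target in mx:
        local = any(target == z or target.endswith("." + z) for z in zones)
        if local and target not in addrs:
            problems.append(f"MX target {target} has no A/AAAA local-data")
    for ip, name in ptrs.items():
        if ip not in addrs.get(name, set()):
            problems.append(f"PTR {ip} -> {name} has no matching forward record")
    return problems

if __name__ == "__main__":
    print(lint(SAMPLE) or "records are consistent")
```

Lines commented out with # are ignored, so the block can be checked exactly as it will be pasted into the custom options field.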