Do not think of the DNS proxy in Check Point as a DNS Server. It is not.
The IP address that should be published to the world as where to resolve for your domain name should an IP address from each public range. These two addresses should then be NATTed through to the DNS Server in the DMZ.
I purchased a domain from
Domain name registration from 123-reg and in there DNS Control Panel is configuration where you tell them which DNS Servers will be primary/secondary etc for your domain. They suggest that unless hosting your own DNS Server to leave as there DNS Servers.
In your case it would be the Public IP addresses that your DNS server is NATTed too.
You do not need to delegate any subdomain to the Firewall as all it does is intercept the DNS request sent to your DNS Server. It will see if it is an A record and if it is will see if there is a matching record in the DNS Proxy and if there is a match then responds with an IP address. For other DNS records like MX then the request is ignored by the DNS Proxy, and is Address Translated and forwarded to the DNS Server. Your DNS Server will therefore be responsible still for all subdomains of mydomain.com. You would only delegate if it was a full DNS Server.
The entry in the DNS proxy should match what you are going to have the users type in to access the OWA.
ie if you want them to type
owaserver.mydomain.com/folder_name
then you would have an entry as
owaserver.mydomain.com with an IP from each Public IP range.
folder_name obviously depends upon Exchange version, as is different per Exchange Server version.
As long as mydomain.com DNS lookups are sent through the Firewall with the DNS proxy then this should work.