if you mean you have two seperate network connections into a single VMware server instance with a vSwitch for each nice, one for LAN and one for DMZ then in theory your fine, but it's pretty ugly to be using different security zones on a single platform. Your DMZ systems would be much more likely to be physical machines and not VM's for various security reasons. If you are looking for better security then I would often put low level security zone separation before best practises of SMTP traffic.
depending on your security architecture, many linux / bsd based firewall distro's, e.g. smoothwall, pfsense, ipcop, astaro can provide the SMTP gateway functionality within a security device, which might be a simpler way to get what you're alluding to.
Last edited by acid_kewpie; 12-13-2008 at 03:00 PM.