Slightly advanced DNS help

[10ECsoon]

Help me out, geniuses; I'm still new to DNS. Using Windows 2003 AD
Here's what I want to do: re-direct certian websites from a specific domain to an internal webserver, and allow others to go on as normal. The example I'll use is Yahoo webmail: I want to allow www.yahoo.com and the rest of yahoo to work as normal, but redirect mail.yahoo.com to an internal website that has a warning about webmail access not being allowed. Follow this procedure for any other major webmail carriers - Earthlink, AOL, etc.
Problem is, if I create a new zone for yahoo.com and create an A-record for "webmail" giving it my internal webserver IP, then the rest of yahoo.com is unresolvable. Forwarders are setup using ISP's DNS servers, and I assumed since my DNS server won't be able to resolve www.yahoo.com that it would forward that request on to the ISP, but it isn't happening like that.
What's the right way to do this?

[Tuttle]

With a proxy server; something like ISA for Windows or Squid for Linux.

If you want to do it with DNS trickery though, I guess the first thing to try would be to create a zone for mail.yahoo.com instead of just yahoo.com. That might be enough to do what you want, but only if the stuff you want to block is on a separate domain (ie if they suddenly change it to www.yahoo.com/mail you're stuffed). As you've noticed, once you create a zone for something and pretend to be authoritative, you're responsible for everything in that zone and its subdomains.

Otherwise you can also try to push HOSTS files out to the PCs and deal with it that way.

[10ECsoon]

I see. I'll try playing around with zone files and see what I come up with.
Thanks