Do you have a range of IP addresses assigned from your provider - are the aliases on the public interface actual routable addresses?
If not (if you only have one IP assigned) you won't be able to do this - only that one IP will be found from the Internet, any other isn't routable to you so you can't use anything else for public Internet communication.
Considering all those addresses are valid and routable, you currently apparently have one catch all nat rule set up, maybe something like
Code:
# iptables -t nat -A POSTROUTING -s DMZ-range/24 -o public_eth0 -j MASQUERADE
or
Code:
# iptables -t nat -A POSTROUTING -s DMZ-range/24 -o public_eth0 -j SNAT --to-source first-ip-on-public_eth0
If you want something specific for your mail host and your mail host has a non-routable IP (172.17.x? 192.168.x? 10.x.y.z?) then you could do
Code:
# iptables -t nat -A POSTROUTING -s dmz-ip-of-mail-host -o public_eth0 -j SNAT --to-source alias-ip-of-your-liking
If it actually has its own routable/public IP, you can just forward, you shouldn't do any NAT.
Apart from all this you'll still have to drill appropriate holes in your iptables filter chains, and especially make sure you don't leave open too much of your nicely firewalled off DMZ.
-Bert
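
The setup described in the post above, as an added example that is not part of the original post: a script that emits an iptables-restore ruleset with the mail host's SNAT rule ahead of the catch-all MASQUERADE, plus a default-drop FORWARD chain with one hole for outbound SMTP. All addresses and the `dmz_eth1` interface name are constructed assumptions; only `public_eth0` comes from the post.

```shell
#!/bin/sh
# Constructed sample values (documentation/private ranges); replace with your own.
PUB_IF="public_eth0"        # public interface, name taken from the post
DMZ_IF="dmz_eth1"           # assumed DMZ-facing interface name
DMZ_NET="10.0.0.0/24"       # assumed DMZ range
MAIL_DMZ_IP="10.0.0.25"     # assumed non-routable address of the mail host
MAIL_ALIAS_IP="192.0.2.25"  # assumed routable alias on the public interface

# Print the ruleset in iptables-restore format. Loading it without
# --noflush replaces the existing contents of the nat and filter tables.
gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Host-specific rule first: the first matching rule in the chain wins.
-A POSTROUTING -s ${MAIL_DMZ_IP}/32 -o ${PUB_IF} -j SNAT --to-source ${MAIL_ALIAS_IP}
# Catch-all for the rest of the DMZ.
-A POSTROUTING -s ${DMZ_NET} -o ${PUB_IF} -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
# Return traffic for connections that were already allowed.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# The only hole: the mail host may open outbound SMTP connections.
-A FORWARD -i ${DMZ_IF} -o ${PUB_IF} -s ${MAIL_DMZ_IP}/32 -p tcp --dport 25 -j ACCEPT
COMMIT
EOF
}

# Succeeds only if the SNAT rule appears before the MASQUERADE rule.
# If the order were reversed, the mail host would match the catch-all
# and leave with the interface's primary address instead of the alias.
check_order() {
    snat=$(gen_rules | grep -n -- '-j SNAT' | head -n1 | cut -d: -f1)
    masq=$(gen_rules | grep -n -- '-j MASQUERADE' | head -n1 | cut -d: -f1)
    [ -n "$snat" ] && [ -n "$masq" ] && [ "$snat" -lt "$masq" ]
}

check_order || { echo "SNAT rule must precede MASQUERADE" >&2; exit 1; }
gen_rules
```

Pipe the output to `iptables-restore --test` to have it parsed without committing anything.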