If routable addresses are not available, you
select an appropriate RFC1918 address range
edit your webserver, emailserver
add appropriate redirections
rdr on $ext_if proto tcp from any to $ext_if port \
$webports -> $webserver
rdr on $ext_if proto tcp from any to $ext_if port \
$email -> $emailserversegment off your DMZ, introduce address pools