I suppose I could in theory use 1 IP and NAT the ports to the right boxes, but...
Would I need a public IP for each proxy server and each MTA? Should I put a proxy and an MTA on the same container, reducing my footprint?
Initially, all containers will be on the same physical server, but I'll eventually migrate one of each server to another physical location, for DR reasons.
I'm splitting things for future scalability, not so much current load.
Set the MX servers with equal weight to each MTA's public IP. Set each proxy server up with A records for each proxy server, round-robin fashion.