Thanks Robert for considering my points....
Regarding point 5 , In exchange 2003 we had front-end server which used to be in DMZ zone. Incase of exchange 2010, we can place CAS server in inside zone and use reverse proxy (ISA or Apache) to enable web-access to internet users. However if any organization does not have reverse proxy then is it good idea to open port 443 from outside network (internet) to the CAS server which is in inside zone of the firewall (which is most secured and with other production servers). Any special considerations we need to keep in mind during architecting the email solution with exchange 2010.
Else I am ok with your response on point no.5.
Thanks.....!!!