The best place to get firewall questions answered is the firewall forum.
However, the way to remedy this problem is to set up your DNS server so that it returns the 10.10.1.5 address when resolving the FQDN for internal clients. If that's not an option, then you could deploy a host file to them that statically sets it.
You could also put in a NAT rule that tells inside clients trying to hit the mail server public address to instead use the DMZ address, but that's a bit of a hack.
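
For the host-file fallback mentioned in the reply above, here is an added example (not part of the original post) that audits the text of a deployed hosts file and reports whether the mail name is pinned to the DMZ address. Only 10.10.1.5 comes from the thread; the name `mail.example.com`, the public address 203.0.113.25 and the sample files are constructed placeholders.

```python
import ipaddress

# Assumed values: only 10.10.1.5 appears in the thread; the FQDN is a placeholder.
DMZ_ADDR = "10.10.1.5"
MAIL_FQDN = "mail.example.com"

# Constructed sample files. The second one still carries a stale public entry
# ahead of the override, a common result of appending instead of replacing.
GOOD_HOSTS = "127.0.0.1 localhost\n10.10.1.5  MAIL.example.com mail  # internal override\n"
STALE_HOSTS = "203.0.113.25 mail.example.com\n10.10.1.5 mail.example.com\n"
NO_ENTRY = "127.0.0.1 localhost\n# 10.10.1.5 mail.example.com\n"


def parse_hosts(text):
    """Return {lowercased name: first IPv4 address listed for that name}."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank line or address without a name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed address, skip the line
        if addr.version != 4:
            continue
        for name in fields[1:]:
            # Lookups typically stop at the first matching line, so keep the first.
            table.setdefault(name.lower().rstrip("."), str(addr))
    return table


def check_override(text, fqdn=MAIL_FQDN, expected=DMZ_ADDR):
    """Classify a hosts file as 'ok', 'missing', or 'wrong:<addr>'."""
    got = parse_hosts(text).get(fqdn.lower().rstrip("."))
    if got is None:
        return "missing"
    return "ok" if got == expected else "wrong:" + got


if __name__ == "__main__":
    for label, sample in (("good", GOOD_HOSTS), ("stale", STALE_HOSTS), ("none", NO_ENTRY)):
        print(label, check_override(sample))
```

A `missing` or `wrong:` result means that client will still resolve the mail name through DNS or to the stale address, so it will keep trying the public address from the inside.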