OK Thanks for the Reply
So there's no way to make this work properly unless you'll have 2 public IP's .
I was hoping the Firewall was able to filter incomming traffic depending oin the DNS name instead of the IP!
It is not possible because the Firewall never sees that DNS name.
The user at the other end wants to connect to your services, THEY go to DNS and retrieve the address, then they
connect to that address and you get their connection not knowing what name they used to get to it.
Now, in some protocols that information may be part of the information exchange.
That is why a system like Apache can do it, in a webserver or a reverse-proxy.
But this cannot be done by simple "port forwarding".
Similar for mail: the user will tell the mail server where the mail has to go to. You can run a single mail server and
make it accept mail for the 2nd domain, then forward it. But the port forwarding needs to make the decision
at the time the connection comes in, and that is impossible.
So indeed you will need a second public IP address to do it using port forwarding and have two completely