I don't know how to make this work :(
If mikrotik is the default gateway this will work without problems. But when the gateway is another device dst-nat does not work.

WAN (94.8.32.4/23) -> Mikrotik -> LAN (192.168.30.10/24) -> Mail svr (ip:192.168.10.2/24 gw:192.168.10.1)

/ip address
add address=94.8.32.4/23 interface=WAN network=94.8.32.0
add address=192.168.30.10/24 interface=LAN network=192.168.30.0
/ip firewall nat
add action=dst-nat chain=dstnat disabled=no dst-address=94.8.32.4 dst-port=\
25 protocol=tcp to-addresses=192.168.30.2 to-ports=25
/ip firewall filter
add action=accept chain=forward connection-nat-state=dstnat log=yes

I can use a rule, but I need real connection addresses for the mail server
add action=masquerade chain=srcnat dst-port=25 log=yes out-interface=LAN protocol=tcp to-ports=25

Any ideas are appreciated

This won't work because SMTP server doesn't know it needs to use MT as gateway. There are (at least) two ways of dealing with it:

1. set up static route on SMTP server to use MT as gateway. I don't know how feasible that would be if SMTP server should only use MT as gateway for SMTP to most destinations but not for the rest of communication it might be involved with.
   A variant of this setup may offer what you need: set MT as default gateway for whole SMTP server and then create some PBR rules on MT to use own uplink for SMTP and the LAN bateway for the res. Beware that you should take care about firewalling in this case because for non-SMTP connections MT won't see return packets and its connection tracking machinery will not be able to obtain correct connection status (and would thus drop the connections).
2. set up SRC-NAT on MT for DST-NATed connections. This way SMTP server will see all connections as if they originated from MT and will respond accordingly. However, SMTP server will see MT's IP address as source of all connections. This is obviously not the way to go if you want to see real src IP addresses on SMTP server