Dear,
I can help you with this project, I have worked for 17 years in infrastructure, managing active directories with more than 1200 users, email servers, and firewall Fortinet, watchguard, IpCop. Squid, IpTables,
I read the documents, phase 1 is fine; what email software do you have in mind for implementation.
Phase 2, Regarding the Firewall, you require it to be open source; it must be transparent and filter HTTPS requests, do you have something in mind or is it at will?
I can help you but first of all, if you want we can meet and discuss the scope and a balance of payment to make you comfortable.
Best regards