What you need to do is actually pretty simple.
Keep your external DNS records the same. They point to your firewall anyway and you're not changing your external IPs.
In your firewall, change the static NAT rule so that the external MX IP address translates to the IP address of your 8300 appliance. Ideally, this should allow only SMTP and/or authenticated SMTP (I forgot that port number), but that's another issue.
In the appliance you will need to tell it to forward LOCAL domain email to the internal IP address of your Exchange server. Before this, you should also define all of your local domains that it will process email for.
I would recommend that you have the appliance in a DMZ and only allow the necessary services through your firewall to the Internet (SMTP) and to your Intranet (email, LDAP, SSH, http(s), etc).
If you have the skills and equipment, set up a DNS server in your DMZ to process realtime blackhole DNS queries for your appliances. Most lists are free, but some of them request/require payment for commercial access. And they CAN tell based on volume and will limit access. It will be money well spent.
Even though IM filtering is built in, we don't use it, but if your existing systems don't know about the appliance, I don't think you need to worry. The only problem I would expect is if your external IP for IM is the same for email. Even then you could just have your firewall forward that port on that IP to your existing IM solution and forward email to the appliance.
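A rule-set check for the layout described in the post above, as an added example that is not part of the original post. The addresses, zone names, tuple format, traffic directions and port numbers (25 SMTP, 587 submission, 389 LDAP, 22 SSH, 80/443 HTTP(S)) are assumptions made for illustration.

```python
from ipaddress import ip_address

APPLIANCE = ip_address("192.0.2.25")   # constructed DMZ address of the appliance
EXCHANGE = ip_address("10.0.0.10")     # constructed internal Exchange address

# (source zone, destination zone) -> TCP ports the layout needs.
# Directions and port numbers are assumptions, not taken from the post.
ALLOWED = {
    ("internet", "dmz"): {25, 587},
    ("dmz", "internet"): {25},
    ("dmz", "intranet"): {25, 389},
    ("intranet", "dmz"): {22, 80, 443},
}

def audit(rules):
    """Return a list of (rule, reason) for rules that break the layout."""
    findings = []
    for rule in rules:
        src, dst, dst_ip, port = rule
        ip = ip_address(dst_ip)
        ports = ALLOWED.get((src, dst))
        if ports is None:
            findings.append((rule, "zone pair not permitted"))
        elif port not in ports:
            findings.append((rule, "service not needed for mail flow"))
        elif (src, dst) == ("internet", "dmz") and ip != APPLIANCE:
            findings.append((rule, "inbound mail must land on the appliance"))
        elif (src, dst) == ("dmz", "intranet") and port == 25 and ip != EXCHANGE:
            findings.append((rule, "local mail must be forwarded to Exchange"))
    return findings

# Constructed rule export: (source zone, destination zone, destination IP, TCP port)
SAMPLE_RULES = [
    ("internet", "dmz", "192.0.2.25", 25),      # MX NAT to appliance: ok
    ("internet", "intranet", "10.0.0.10", 25),  # old NAT straight to Exchange
    ("internet", "dmz", "192.0.2.25", 23),      # unneeded service exposed
    ("dmz", "intranet", "10.0.0.10", 25),       # appliance -> Exchange: ok
    ("dmz", "intranet", "10.0.0.10", 389),      # LDAP lookup: ok
    ("dmz", "intranet", "10.0.0.77", 25),       # relay to wrong internal host
    ("intranet", "dmz", "192.0.2.25", 443),     # admin UI: ok
]

if __name__ == "__main__":
    for rule, reason in audit(SAMPLE_RULES):
        print(rule, "->", reason)
```

The second sample rule is the one most likely to be left behind after the NAT change: the old translation that still exposes Exchange directly to the Internet.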