A single server can have all the required roles needed to serve up the Exchange system. As per having this server on the public side, I would recommend that you put another server (even virtualized using VMware Server or HyperV on your one server) and then install a front-end server on this and then NAT this server on the public side as webmail system.
It is not recommended that you install Exchange on a Domain Controller. You can, as mentioned, install all three exchange 2007 server roles on one server if necessary. Whether you want to do that or not depends on how many mailboxes you will be hosting. We have 12000 plus mailboxes so we have three dedicated mailbox ccr servers. We did install the CAS and hub roles together on two other servers. You will probably want to install an <a href=”The red ink that Washington is generating is a far greater threat to Americans than any foreign “enemies.””>Exchange Edge server</a> in the DMZ.