tarekaen87, sorry, I mistook that for the next hop.  Yes, you would obviously need to set it to the next hop gateway.. not itself.  The next-hop gateway will be the ISP router's IP address (192.168.3.x). 

Marvin is right.. if you have one configured the traffic will need to be permitted in the ACL.  If not then you don't.  Some organizations like to control what traffic is allowed from one zone into another regardless of the security level.  The point is, you'll need to allow the traffic if you do have an ACL configured.  Otherwise, traffic will be allowed from higher security to lower security by default.  So for the DMZ to Inside access, you need to just permit the traffic that you want.  If you want all traffic then you will permit any.  Otherwise, specify the source and destination IP/ports in your ACL entries.

I hope that helps.  Let me know if any of this doesn't make sense.  

Depending on all your replies , I will write command as I understand and kindly correct me if I am wrong:

interface ethernet 0/1

nameif inside

security-level 100

ip address 192.168.1.254  255.255.255.0

interface ethernet 0/2

nameif dmz

security-level 50

ip address 192.168.2.2  255.255.255.0

interface ethernet 0/3

nameif outside

security-level 0

ip address 192.168.3.2  255.255.255.0

route outside 0.0.0.0  0.0.0.0 192.168.3.1

object-network  pat_to_interface

subnet 0.0.0.0  0.0.0.0

nat (inside,outside)  source dynamic pat_to_interface  interface

object network mail_server

host 192.168.2.10

nat (dmz,outside) static 192.168.3.10

access list  outside_TO_dmz  extend permit tcp any host 192.168.2.10 eq 25

access- group outside_TO_dmz  in interface outside

access list dmz_TO_inside extend permit tcp host 192.168.2.10 host 192.168.1.11 eq 53