It depends on where the enrollment is being done from. If you are doing all enrollment from internal only then that is fine but if the enrollment will happen from the outside the LAN(this is most common) then both should be specified. But again it all subject to your environment and enrollment practices.
Our setup will require both, inside and out. So sounds like i will need to setup both; internal and external.
Also, when it states that "This record allows users to enroll Android or iOS mobile devices using their individual email addresses". Does this mean that users who are enrolling must have a valid company e-mail address?
Yes, it does if they do not have a valid email they need to use the enrollment URL.
Are you sure that a valid email is required ?
I've successfully enroll an iPhone with an imaginary email account (but with the correct domain name).
I think the enrollment process use the name after the "@" to discover the mdm server.
Are the records different when used on external DNS? Specifically using Network solutions. When I have them entered identical as the internal they do not seem to work. FYI, I have the servername the same, using a url and not a domain type name, and I can reach it without any issues from internal and external.