This will certainly work, but it might be a bit like overkill Pulling content from one ePO server to another is possible, but it can be slightly tricky to configure.
As an alternative, you could put a single agent on a machine in the DMZ, and configure it to run a mirror task. This will download an exact copy of the McAfee commonupdater site to a folder. You can then make this folder available to the internal network in whatever way you choose - a UNC share, or make it part of an HTTP or FTP server. Then set the internal ePO server to pull from it.