Welcome to Junos.
I understand NAT but am struggling a little with JUNOS (12.1X44-D45.2) approach. Can someone speak to me in English, not in articles?
Sorry, I'm not going to restate the steps, but I do think if you go to The NAT configuration book below you will find it very well laid out. In the table of contents pick your specific scenario then follow the step by step for that scenario.
Based on your list you don't mention if the address used is also your interface address or another address in the same or different subnet. So the specifics vary depending on the scenario. But it does seem clear you will not be using static nat which means you are mapping all traffic from a single internal ip address to a single public address that no other ip address can also use.
NAT Configuration with examples
http://kb.juniper.net/library/CUSTOMERSERVICE/technotes/TN8_3500151-en.pdf
When you configuration has issue select the appropriate troubleshooting link here to get us the logs that will be needed to see what is wrong.
NAT troubleshooting links
http://kb.juniper.net/InfoCenter/index?page=content&id=KB21922
1. Do I need a static route from ge-0/0/0.0 to ge-0/0/15.0 for traffic to get out?
Routing is separate from NAT. So you need a route in place to reach the destination and source to successfully setup a session.
Connected subnets are automatically in the routing table, downstream segments require a route added using any method you prefer, static, ospf, or bgp.
In your case it looks like you only need the default route to your ISP for the internal traffic on ge-0/0/15 to reach the ISP on ge-0/0/0.
2. What are the basic steps and priority in which the zones and policies should be set?
Policies are separate from NAT as well.
Zones are collections of interfaces/subnets with the same security requirements.
When traffic arrives we take the ingress interface zone assignment as source and lookup the route for the destination. The routing egress interface then gives us the destination zone.
Policy lookup now occurs using the source address and zone with the destination address and zone and the requested ports. Default is deny so only traffic explicitly permitted by policy will continue processing.
3. How to allow all serives out but only http(s) and smtp in?
Your policies when you create then can specify port. You would use any for your outbound policy and specify http/https/smtp on your inbound one in this case.