Hi,
I haven't tested it, but I don't think that the email address is passed back to the service provider. I assume that the identity provider just issues a logon ticket for the service user. So it's quite possible that the service provider never gets an email address. You could verify this by sniffing the SAML token.
I would strongly advise against creating a custom logon screen that would capture the email address. Security is not a good place for creative solutions.
Maybe take a step back. You mentioned that you have a separate box for GW. Why can't you create those users on this box and not use a service user at all? As far as I know, GW is licensed based on the number of calls, not on the number of users. This might be different in your case. What's the reason for using one service user instead of multiple users? Is it just licensing, or is there no easy way to provision these users?
Cheers
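The "sniff the SAML token" check suggested above, as an added example that is not part of the original post or of any SAP or IdP product: it takes the SAMLResponse form field captured from the browser (POST binding is plain base64; Redirect binding is additionally DEFLATE-compressed), finds the assertion, and reports the NameID and every attribute the IdP actually sent, so you can see whether an email address is in there at all. The two assertions embedded below are constructed samples, and the list of attribute names treated as "email" is an assumption to extend with whatever your IdP is configured to release.

```python
"""Decode a captured SAML 2.0 Response and report whether it carries an email.
Added example; the sample assertions below are constructed, not captured."""
import base64
import zlib
import xml.etree.ElementTree as ET  # use defusedxml for untrusted input in production

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Assumption: attribute names commonly used for an email address. Extend this
# with the names your IdP is configured to release.
EMAIL_ATTRIBUTE_NAMES = {
    "email", "mail", "emailaddress", "email_address",
    "urn:oid:0.9.2342.19200300.100.1.3",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
}
EMAIL_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"


def decode_saml_response(encoded: str) -> str:
    """Turn a SAMLResponse form/query value into XML text.
    POST binding: base64 only. Redirect binding: base64 over raw DEFLATE."""
    raw = base64.b64decode(encoded)
    if not raw.lstrip().startswith(b"<"):
        raw = zlib.decompress(raw, -15)  # -15 = raw DEFLATE, no zlib header
    return raw.decode("utf-8")


def parse_assertion(xml_text: str) -> dict:
    """Return issuer, NameID (+format) and all attributes of the first
    Assertion, whether bare or wrapped in a samlp:Response."""
    root = ET.fromstring(xml_text)
    assertion = root if root.tag == "{%s}Assertion" % NS["saml"] \
        else root.find("saml:Assertion", NS)
    if assertion is None:
        # An EncryptedAssertion needs the SP's private key before inspection.
        raise ValueError("no plaintext saml:Assertion found")
    issuer = assertion.find("saml:Issuer", NS)
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    attributes = {}
    for attr in assertion.findall("saml:AttributeStatement/saml:Attribute", NS):
        attributes[attr.get("Name")] = [
            v.text or "" for v in attr.findall("saml:AttributeValue", NS)
        ]
    return {
        "issuer": issuer.text if issuer is not None else None,
        "name_id": name_id.text if name_id is not None else None,
        "name_id_format": name_id.get("Format") if name_id is not None else None,
        "attributes": attributes,
    }


def find_email(parsed: dict):
    """Email the SP could read from the assertion, or None if there is none."""
    if parsed["name_id_format"] == EMAIL_NAMEID_FORMAT:
        return parsed["name_id"]
    for name, values in parsed["attributes"].items():
        if name and name.lower() in EMAIL_ATTRIBUTE_NAMES and values:
            return values[0]
    return None


# Constructed sample 1: IdP only names the shared service user, no email.
ASSERTION_SERVICE_USER = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  ID="_a1" Version="2.0" IssueInstant="2020-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.com</saml:Issuer>
  <saml:Subject><saml:NameID
    Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">GW_SERVICE</saml:NameID></saml:Subject>
  <saml:AttributeStatement><saml:Attribute Name="groups">
    <saml:AttributeValue>gw-users</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

# Constructed sample 2: full Response whose assertion does carry a mail attribute.
RESPONSE_WITH_EMAIL = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
  IssueInstant="2020-01-01T00:00:00Z">
  <saml:Assertion ID="_a2" Version="2.0" IssueInstant="2020-01-01T00:00:00Z">
    <saml:Issuer>https://idp.example.com</saml:Issuer>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    <saml:AttributeStatement><saml:Attribute Name="mail">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

# The same Response as it would appear on the wire for each binding.
ENCODED_POST = base64.b64encode(RESPONSE_WITH_EMAIL.encode()).decode()
_deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
ENCODED_REDIRECT = base64.b64encode(
    _deflater.compress(RESPONSE_WITH_EMAIL.encode()) + _deflater.flush()).decode()


if __name__ == "__main__":
    for label, xml in (("service user", ASSERTION_SERVICE_USER),
                       ("redirect", decode_saml_response(ENCODED_REDIRECT))):
        parsed = parse_assertion(xml)
        print(label, parsed["name_id"], parsed["attributes"], "email:", find_email(parsed))
```

Paste the SAMLResponse value from the browser's network tab into decode_saml_response; if find_email returns None for the service-user logon, the SP really has nothing to work with, and the fix belongs on the IdP side (release an email attribute or individual NameIDs), not in a custom logon screen.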