Access lists have an implicit deny all at the end of them. If you craft one that only allows the pool of hosts to access only the dmz netblock, you would be in business. It sounds like you have a pool of addresses that need unhindered access as well though, so have a statement that gives them unhindered access.
Example:
192.168.0.0/24 is the dmz. 192.168.1.0/24 can only talk to the dmz. 192.168.2.0/24 can talk to everyone
access-list outbound restrict permit ip 192.168.2.0 255.255.255.0 any
access-list outbound restrict permit ip 192.168.1.0 255.255.255.0 192.168.0.0 255.255.255.0
access-group outbound in interface inside
will allow 192.168.2.0 to talk to everyone, and .192.168.1.0 to only talk to the dmz