For starters, I highly recommend that you convert to ACLs on the Pix. Their more restrictived,processed more efficiently, and easier to work with.
Having said that, your conduit looks correct. Are you sure that the addresses in question are accurate? By opening up the ranges to include any and the whole subnet, it worked for you. Therefore, we assume the problem to not be routing or NAT but rather access-control. Turn on logging to the buffer and see exactly /what/why the pix is denying those requests. [logging buffered 7] The easiest way to do testing is to use a telnet command line and connect to port 25 from the DMZ host. For example:
telnet 192.168.0.1 25
If successfuly, the screen will update and dispaly a banner or garbled characters(done by fixup). If it just times out, it didn't connect obviously. The pix will tell you exactly what the problem is in the logs [show log]