OK, the symptom has changed, but it's far from resolved.

Here's the scenario:

A block of 5 external IPs, 111.112.113.82 - 111.112.113.86 mask 255.255.255.248, assigned to outside vlan (111.112.113.82/29).

Two servers, 192.168.6.2 and 192.168.6.3, residing on the dmz vlan (192.168.6.1).

192.168.6.2 presents Email-Ext services (actually a subset) to the .83 outside interface.

192.168.6.3 presents Email-Ext services (a superset) to the .84 outside interface.

The .84 services are there in a portscan.

The .83 services are not.

It seems to me that they're set up identically, yet one works and one does not. Portscans from the dmz indicate both servers are listening.

Here's the scrubbed config:

: Saved
:
ASA Version 7.2(2) 
!
hostname CZ-firewall
domain-name CZ.local
enable password xxx encrypted
names
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.3.1 255.255.255.0 
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 111.112.113.82 255.255.255.248 
!
interface Vlan3
 nameif dmz
 security-level 50
 ip address 192.168.6.1 255.255.255.0 
!
interface Ethernet0/0
 switchport access vlan 2
 speed 10
 duplex full
!
interface Ethernet0/1
!
interface Ethernet0/2
 switchport access vlan 3
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd xxx encrypted
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup dmz
dns server-group Default
 name-server 8.8.8.8
 name-server 8.8.4.4
dns server-group DefaultDNS
 domain-name crapzapper.local
object-group service Email-ext tcp
 description External email services
 port-object range smtp smtp
 port-object range https https
 port-object range 465 465
 port-object range 563 563
 port-object range 587 587
 port-object range ldaps ldaps
 port-object range www www
 port-object range 993 993
 port-object range 995 995
object-group service Email-int tcp
 description Internal email services
 port-object range pop3 pop3
 port-object range nntp nntp
 port-object range imap4 imap4
 port-object range ssh ssh
 port-object range smtp smtp
 port-object range ldap ldap
 port-object range https https
 port-object range 465 465
 port-object range 563 563
 port-object range 587 587
 port-object range ldaps ldaps
 port-object range www www
 port-object range 993 993
 port-object range 995 995
object-group service VPN tcp
 port-object range ssh ssh
 port-object range telnet telnet
 port-object range https https
access-list dmz_access_in remark For DNS, etc
access-list dmz_access_in extended permit udp any any 
access-list dmz_access_in remark So that DMZ hosts can access the internet
access-list dmz_access_in extended permit tcp any any 
access-list dmz_access_in remark So that PING works
access-list dmz_access_in extended permit icmp any any 
access-list dmz_access_in extended permit ip any any 
access-list CZ standard permit 192.168.3.0 255.255.255.0 
access-list outside_access_in extended permit icmp any any 
access-list outside_access_in extended permit tcp any host 111.112.113.82 object-group VPN 
access-list outside_access_in extended permit udp any host 111.112.113.82 
access-list outside_access_in extended permit tcp any host 111.112.113.83 object-group Email-ext 
access-list outside_access_in extended permit udp any host 111.112.113.83 
access-list outside_access_in extended permit tcp any host 111.112.113.84 object-group Email-ext 
access-list outside_access_in remark SSH access from Pat's house to the email server
access-list outside_access_in extended permit tcp host 14.15.16.8 host 111.112.113.84 eq ssh 
access-list outside_access_in remark Mail Admin access from Pat's house to the email server
access-list outside_access_in extended permit tcp host 14.15.16.8 host 111.112.113.84 eq 4040 
access-list outside_access_in extended permit udp any host 111.112.113.84 
access-list outside_access_in extended permit tcp any host 111.112.113.85 object-group Email-ext 
access-list outside_access_in extended permit udp any host 111.112.113.85 
access-list outside_access_in extended permit tcp any host 111.112.113.86 object-group Email-ext 
access-list outside_access_in extended permit udp any host 111.112.113.86 
access-list outside_access_in extended permit tcp host 111.112.113.83 host 192.168.6.2 object-group Email-ext 
access-list outside_access_in extended permit tcp host 111.112.113.84 host 192.168.6.3 object-group Email-ext 
access-list outside_access_in extended permit tcp host 111.112.113.85 host 192.168.6.2 object-group Email-ext inactive 
access-list outside_access_in extended permit tcp host 111.112.113.86 interface dmz object-group Email-ext inactive 
access-list outside_access_in extended permit udp interface dmz host 192.168.6.3 
access-list outside_access_in extended permit udp interface dmz host 192.168.6.2 
access-list restrict-outbound-from-lan extended permit udp any any 
access-list restrict-outbound-from-lan extended permit esp any any 
access-list restrict-outbound-from-lan extended permit tcp any any 
access-list restrict-outbound-from-lan extended permit icmp any any 
access-list restrict-outbound-from-lan extended permit gre any any 
access-list restrict-outbound-from-lan extended permit tcp host 192.168.6.3 192.168.3.0 255.255.255.0 object-group Email-ext 
pager lines 24
logging enable
logging emblem
logging asdm notifications
logging mail notifications
logging host dmz 192.168.6.3 format emblem
logging class email mail emergencies 
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip local pool RemoteAccess 192.168.3.41-192.168.3.50 mask 255.255.255.0
no failover
monitor-interface inside
monitor-interface outside
monitor-interface dmz
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (inside) 1 interface
global (outside) 1 interface
global (dmz) 1 interface
nat (inside) 1 192.168.6.3 255.255.255.255 dns
nat (inside) 1 192.168.3.0 255.255.255.0
nat (dmz) 1 192.168.6.0 255.255.255.0 dns
static (dmz,outside) tcp 111.112.113.83 smtp 192.168.6.2 smtp netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.83 www 192.168.6.2 www netmask 255.255.255.255 
static (dmz,outside) tcp 111.112.113.83 https 192.168.6.2 https netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.83 587 192.168.6.2 587 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.83 993 192.168.6.2 993 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.83 995 192.168.6.2 995 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 465 192.168.6.3 465 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 smtp 192.168.6.3 smtp netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 995 192.168.6.3 995 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 993 192.168.6.3 993 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 563 192.168.6.3 563 netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 ldaps 192.168.6.3 ldaps netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 https 192.168.6.3 https netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 www 192.168.6.3 www netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 ssh 192.168.6.3 ssh netmask 255.255.255.255  dns 
static (dmz,outside) tcp 111.112.113.84 4040 192.168.6.3 4040 netmask 255.255.255.255  dns 
static (dmz,inside) 111.112.113.83 192.168.6.2 netmask 255.255.255.255 dns 
static (dmz,inside) 111.112.113.84 192.168.6.3 netmask 255.255.255.255 dns 
access-group restrict-outbound-from-lan in interface inside
access-group outside_access_in in interface outside
access-group dmz_access_in in interface dmz
route outside 0.0.0.0 0.0.0.0 111.112.113.81 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
eou clientless password xxx
group-policy CZREMOTE internal
group-policy CZREMOTE attributes
 dns-server value 192.168.3.3
 vpn-filter none
 vpn-tunnel-protocol IPSec 
 ipsec-udp enable
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value CZ
 default-domain value crapzapper.local
username Bob password xxx encrypted privilege 0
username Bob attributes
 vpn-group-policy CZREMOTE
http server enable
http 192.168.3.0 255.255.255.0 inside
http 14.15.16.8 255.255.255.255 outside
http redirect inside 80
http redirect dmz 80
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto dynamic-map outside_dyn_map 20 set pfs 
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
tunnel-group CZREMOTE type ipsec-ra
tunnel-group CZREMOTE general-attributes
 address-pool RemoteAccess
 default-group-policy CZREMOTE
tunnel-group CZREMOTE ipsec-attributes
 pre-shared-key *
vpn-sessiondb max-session-limit 5
telnet 192.168.3.0 255.255.255.0 inside
telnet 14.15.16.8 255.255.255.255 outside
telnet timeout 5
ssh 192.168.3.0 255.255.255.0 inside
ssh 14.15.16.8 255.255.255.255 outside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!

!
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
!
ntp server 66.96.30.35 source outside prefer
prompt hostname context 
Cryptochecksum:002146128cb07b0965c57973bc8889e3
: end
asdm image disk0:/asdm-522.bin
no asdm history enable

(Yes, I'm aware that this is not an ideal config. I'm granting wide-open access in some cases. I can clean that up once I figure out what's broken.)

Why are the .84 services available while the .83 services are not?