I ran into some issues with Exchange running through Zone-based firewalls, where the servers would not pass mail between them. This appears to be related to SMTP inspection rejecting the ESMTP commands Exchange uses. The problem can be resolved by creating a class for SMTP between your mailservers, and configuring it with a pass action, instead of inspect. Just remember that you need to create rules in both directions, and the class must be before any classes that would inspect the traffic.
A Simple config would look something like this, with the mail servers at 172.16.1.10 and 172.17.1.10.
ip access-list extended ACL-FIREWALL-EXCHANGE
permit tcp 172.0.1.10 0.255.0.0 172.0.1.10 0.255.0.0 eq 25
permit tcp 172.0.1.10 0.255.0.0 eq 25 172.0.1.10 0.255.0.0
! The access-list matches traffic to or from either mail server
class-map CLASS-FIREWALL-EXCHANGE
match access-group name ACL-FIREWALL-EXCHANGE
class-map CLASS-FIREWALL-ALLOWED-PROTOCOLS
match protocol HTTP
match protocol HTTPS
match protocol FTP
policy-map type inspect POL-MAP-LAN-TO-WAN
class CLASS-FIREWALL-EXCHANGE
pass
class CLASS-FIREWALL-ALLOWED-PROTOCOLS
inspect
class class-default
drop
policy-map type inspect POL-MAP-WAN-TO-LAN
class CLASS-FIREWALL-EXCHANGE
pass
class CLASS-FIREWALL-ALLOWED-PROTOCOLS
inspect
class class-default
drop
zone security WAN
zone security LAN
zone-pair security WAN-TO-LAN source WAN destination LAN
service-policy type inspect POL-MAP-FIREWALL-OUTBOUND
zone-pair security LAN_TO_WAN source LAN destination WAN
service-policy type inspect POL-MAP-LAN-TO-WAN
interface e0/0
zone-member security LAN
interface s0/0
zone-member security WAN
Your solution is a good way to address problematic inspection between hosts where the address is known, and the traffic is trusted. However, applying the “pass” action provides no stateful inspection, and depending on the ios version, may offer no logging capability for the traffic. Regarding the difference between SMTP and ESMTP traffic, you need to define “match protocol smtp extended” for the firewall to recognize and allow the RFC 1869 extension commands.