I believe you just need to open up the right ports from the DMZ to the DC on the internal network.
I think MS uses TCP port 445 for replication in 2003.
Heres an example of what is needed to get a dmz host to talk to an internal host assuming the inside IP is using the class A 10.0.0.0 network, and the DMZ is using the class C 192.168.1.0 network.
1) Static for the internal host to the DMZ (high security to low security translation). This translation preserves the internal hosts IP.
static (inside,dmz) 10.1.1.1 10.1.1.1 netmask 255.255.255.255
2) Create an ACL to permit the dmz host to the internal DC.
access-list dmz_acl permit tcp host 192.168.1.2 host 10.1.1.1 eq 445
3) Apply the acl to the dmz interface.
access-g dmz_acl in int dmz
If this doesn't solve the replication problem you could do some more searching for the correct ports, or you can change the dmz ACL to...
access-l dmz_acl permit ip host 192.168.1.2 host 10.1.1.1
While replication is occuring you can issue the following command.
show conn | grep (exhange_IP)
This will show you the ports and protocols the servers are using to replicate. This will help nail down the information so you can just permit these ports/protocols in your ACL.
Daniel