Faztek's unofficial Blog

My first blog is dedicated to Internet hosting software.

Wednesday, November 14, 2007

A Freesco box running an intranet MTA for outbound email

With Exim 4 you can use the "local_interfaces" option to restrict the interfaces (more precisely, the IP addresses) on which it listens on port 25 (the SMTP port), or even change the listening port.
Restricting the listener to your local intranet is easy:
  • local_interfaces = <; 127.0.0.1.25 ; 10.0.0.20.25
(The leading "<;" makes ";" the list separator, and the port is appended to each address after a dot.) In this case Exim listens only on the loopback interface (lo) and on one of the networks (in my case the Freesco box has its local intranet interface, eth1, at 10.0.0.20).
It is possible to combine this Exim (let's call it the intranet-MTA) with another instance of Exim running for inbound email (the most usual use of Exim on Freesco boxes; let's call it the internet-MTA), as follows:
  • local_interfaces = <; 85.2.3.4.25
85.2.3.4 is just an example to illustrate the fact that you can only select an interface by its IP address, not by its device name (ppp0 or any other).
Usually people running Freesco boxes have dynamic IP addresses, so this IP is not fixed at all.

It is possible to tackle this problem as follows.
A special argument is passed to /rc/rc_user when the IP changes: it is the 'newip' part of that script. I have chosen to restart Exim in that situation, so that a new configuration (with the updated IP) is taken up by the internet-MTA.
Starting Exim on a Freesco box: there is usually an associated start script (/pkg/rc/rc_exim) that should be able to launch both the intranet- and the internet-MTA. For the internet-MTA there is a tweak: because the IP is dynamic, its configuration is generated at start time.
Refer to the following excerpt:
#!/bin/sh
# Current address of the dynamic interface (ppp0), taken from ifconfig output
MY_IP=`ifconfig ppp0 | grep inet.addr: | sed 's/.* addr:\([^ ]*\) .*/\1/'`
MY_A=/usr/exim/conf-autogen
# Regenerate the internet-MTA configuration: listen only on the current IP, port 25
echo "local_interfaces = <; ${MY_IP}.25" > $MY_A
cat /usr/exim/conf-init >> $MY_A
# intranet-MTA: fixed configuration, daemon mode (-bd), queue run every 30 minutes (-q30m)
/bin/exim -C /usr/exim/intra.conf -bd -q30m -om
# internet-MTA: default configuration file; -om is accepted for Sendmail compatibility and ignored
/bin/exim -bd -q30m -om
Which configuration file is used by default depends on how you have installed Exim; the version I actually use takes it from /usr/exim/configure. The first Exim call selects the fixed configuration (for the intranet-MTA) with -C, whilst the second call runs the usual internet-MTA from the default configuration file, which must therefore resolve to the generated one.
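A complete start/newip/stop script for the two instances, as an added example that is not the original /pkg/rc/rc_exim or /rc/rc_user from this post: it folds the address extraction and configuration generation from the excerpt above into functions that can be tested on captured ifconfig output, passes the generated file to the internet-MTA explicitly with -C, and gives each daemon its own PID file (-oP) so that only the internet-MTA is restarted when the IP changes. The PID-file paths under /var/run and the start|newip|stop actions are assumptions for illustration; /rc/rc_user would simply call this script with the argument newip.

```shell
#!/bin/sh
# Added example: one rc-style script for both Exim instances (not the post's own
# /pkg/rc/rc_exim or /rc/rc_user). Assumed for illustration: the PID-file paths
# under /var/run and the start|newip|stop actions; /rc/rc_user calls "$0 newip".

EXIM=/bin/exim
INTRA_CONF=/usr/exim/intra.conf     # fixed configuration of the intranet-MTA
INET_CONF=/usr/exim/conf-autogen    # regenerated whenever the public IP changes
INET_INIT=/usr/exim/conf-init       # static remainder of the internet-MTA configuration
INTRA_PID=/var/run/exim-intra.pid
INET_PID=/var/run/exim-inet.pid

# Extract the first "inet addr:A.B.C.D" from ifconfig output read on stdin
# (old net-tools format, as on Freesco). Reading stdin keeps it testable offline.
extract_ip() {
    sed -n 's/.*inet addr:\([0-9.][0-9.]*\).*/\1/p' | head -n 1
}

# Write the internet-MTA configuration: bind only to the current public address on
# port 25 ("<;" makes ";" the list separator), then append the static part.
# Refuses an empty address, which would otherwise produce the broken "<; .25".
gen_inet_conf() {
    ip=$1; out=$2; init=$3
    [ -n "$ip" ] || return 1
    echo "local_interfaces = <; ${ip}.25" > "$out"
    cat "$init" >> "$out"
}

# -bd: daemon; -q30m: queue run every 30 minutes; -oP: where to write the PID,
# so that each instance can be stopped on its own.
start_intra() { $EXIM -C "$INTRA_CONF" -bd -q30m -oP "$INTRA_PID"; }
start_inet()  { $EXIM -C "$INET_CONF"  -bd -q30m -oP "$INET_PID"; }

stop_daemon() {
    [ -f "$1" ] || return 0
    kill "$(cat "$1")" 2>/dev/null
    rm -f "$1"
}

# Regenerate and (re)start only the internet-MTA; the intranet-MTA keeps running.
restart_inet() {
    stop_daemon "$INET_PID"
    ip=$(ifconfig ppp0 | extract_ip)
    if gen_inet_conf "$ip" "$INET_CONF" "$INET_INIT"; then
        start_inet
    else
        echo "ppp0 has no address yet; internet-MTA not started" >&2
    fi
}

case "${1:-}" in
    start) start_intra; restart_inet ;;
    newip) restart_inet ;;          # called from /rc/rc_user when the IP changes
    stop)  stop_daemon "$INET_PID"; stop_daemon "$INTRA_PID" ;;
esac
```

Because gen_inet_conf refuses an empty address, a boot with ppp0 still down starts only the intranet-MTA; the internet-MTA then comes up on the first newip call instead of being started with a broken local_interfaces line.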

The first is used for all my intranet outbound messages, the second for all inbound messages.
The port is always the standard (25, i.e. SMTP).

Naturally the inbound configuration is much stricter: it must not allow any relaying, it contains some spam blocking, and so on. The outbound configuration, on the other hand, is totally relaxed and allows relaying to any host (foreign MTAs, usually on the Internet); I thereby assume that all intranet insiders behave well, do not send spam, and so on. This is only safe because the intranet-MTA is bound to 10.0.0.20 and 127.0.0.1: bound to the public address, or to all addresses, it would be an open relay.
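A check that the two instances are really bound the way this scheme requires, as an added example that is not from the post: it reads "netstat -t -l -n -p" output in the format shown in the comment below and flags a port-25 listener on the wildcard address, or an instance that serves loopback (the relaxed intranet-MTA) and a non-private address at the same time. That the loopback listener identifies the relaxed instance is an assumption taken from this post's layout; the RFC 1918 ranges and 127/8 are treated as intranet addresses.

```shell
#!/bin/sh
# Added example (not from the post): verify from "netstat -t -l -n -p" output that the
# SMTP listeners are bound as intended. Reads netstat lines on stdin, prints each
# problem found and exits 1 if there was any. Assumption: the instance listening on
# 127.0.0.1:25 is the relaxed intranet-MTA, as in the layout described above.
check_smtp_listeners() {
    awk '
    BEGIN { bad = 0 }
    # RFC 1918 ranges and loopback count as intranet addresses
    function private(ip,    o) {
        split(ip, o, ".")
        return (o[1] == 10 || o[1] == 127 ||
                (o[1] == 172 && o[2] >= 16 && o[2] <= 31) ||
                (o[1] == 192 && o[2] == 168))
    }
    # TCP listeners on port 25 only; $4 is "addr:port", $7 is "pid/program"
    $1 == "tcp" && $6 == "LISTEN" && $4 ~ /:25$/ {
        addr = $4; sub(/:25$/, "", addr)
        pid = $7;  sub(/\/.*/, "", pid)
        if (addr == "0.0.0.0" || addr == "::") {
            print "wildcard SMTP listener (reachable from the Internet):", $0
            bad = 1; next
        }
        if (addr == "127.0.0.1") relaxed[pid] = 1
        else if (!private(addr)) pub[pid] = pub[pid] " " addr
    }
    END {
        for (p in relaxed)
            if (p in pub) {
                print "intranet-MTA (pid " p ") also listens on public address(es):" pub[p]
                bad = 1
            }
        exit bad
    }'
}

# On the box itself:  netstat -t -l -n -p | check_smtp_listeners
```

The binding check says nothing about the ACLs themselves; for those, "exim -C /usr/exim/intra.conf -bh 85.2.3.4" (a fake SMTP session as if from the given address) shows whether the relaxed configuration would accept a relay attempt from an outside host.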

The motivation for this scheme: if I used a single Exim instance, then, since I run greylisting, all mail sent to the outside world would be stalled for around an hour (until the greylist entry expires), or would eventually produce an error in the MUA, something like: "your message could not be sent". It is also much easier to customize the inbound and outbound Exim instances separately.

1 Comment:

At January 18, 2008, 18:29, Blogger Henrique said...

Listing of listening ports / interfaces on my Freesco box (below):
- the first three lines show three SMTP listening ports.

I actually run two instances of Exim; the first is the internet instance, configured strictly as usual (no relay, etc), and is relaunched whenever IP changes: 85.243.100.25:25.

The second Exim instance (process) deals with intranet requests, with a really relaxed configuration: serves one eth (10.0.0.20:25) and local-loop (127.0.0.1:25).


You also see a CNTP server (gcntpaserver), just serving the local intranet (10.0.0.20:1563).


* net-tools 1.60
=> netstat 1.42 (2001-04-15)
+++clip+++
[Linux] netstat -t -l -n -p
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 85.243.100.25:25        0.0.0.0:*               LISTEN      31265/exim
tcp        0      0 10.0.0.20:25            0.0.0.0:*               LISTEN      31263/exim
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      31263/exim
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      11616/telnetd
tcp        0      0 10.0.0.20:1563          0.0.0.0:*               LISTEN      2971/gcntpaserver
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      2851/teapop
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2475/sshd
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN      2126/
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3436/httpd
tcp        0      0 0.0.0.0:82              0.0.0.0:*               LISTEN      1926/thttpd
+++clip+++

 
