1. Issue that exim.conf cannot respect external MX.
Even if the site’s DNS contains the foreign MX:
550 No such recipient here (in reply to RCPT TO command)

If a domain is created / prepared to be moved: Mail sent from a domain on the same shared server/IP may go to a site in preparation that cannot receive mail yet.

When a domain has MS Exchange:
originaldomain.com -> forwardingdomain.com (exists on same shared server / IP)-> externalmxdomain.com returns with No such recipient here.

How exim.conf can be standardized (updating Exim configuration rewrites exim.conf)

“cp /etc/virtual/domains /etc/virtual/external_mx_domains”
Keep only domains in the file that have MX elsewhere.
“chown mail:mail /etc/virtual/external_mx_domains”
(for wrong ownership I did not see a proper error message opening the exim mail queue)
To add in default exim.conf:
domainlist external_mx_domains = lsearch;/etc/virtual/external_mx_domains
Routing in both forwarding and regular:
domains = +external_mx_domains : ! +local_domains

2. Issue when relay is without SRS identification.
An administrator may route forwarding using SRS on the server.
Otherwise failure with non-authorized shows up.

originaldomain.com with -all (no ~all) -> forwardingdomain.com -> externaldomain.com
Note: SPF with ‘~all’ does pass what is then called ‘softfail’.

This is the example setup from DirectAdmin for Exim – http://files.directadmin.com/services/SpamBlocker/smart_route/exim.routers.pre.conf

smart_route:
driver = manualroute
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
condition = “${perl{check_limits}}”

#use remote_smtp only if you do not need smtp-auth.
#transport = remote_smtp

#use auth_relay if you do need to set the remote smtpauth
transport = auth_relay

route_list = * smtp.yourisp.com
no_more

How exim.routers.pre.conf in Exim can be expanded, such as this customized operational setup

server_forward_router:
driver = dnslookup
domains = meetingdistrict.nl : hostfusion.nl : prwingenieurs.nl : ! +local_domains
#domains = +external_mx_domains : ! +local_domains #was proposed!
ignore_target_hosts = 127.0.0.0/8
condition = ${if !eq{$original_domain}{$domain}}
condition = ${if !eq{$original_domain}{}}
condition = “${perl{check_limits}}”
transport = remote_smtp_forward_transport
no_more

cyberfusion_relay:
driver = manualroute
domains = meetingdistrict.nl : hostfusion.nl : prwingenieurs.nl : ! +local_domains
#domains = +external_mx_domains : ! +local_domains #was proposed!
ignore_target_hosts = 127.0.0.0/8
condition = “${perl{check_limits}}”
transport = auth_relay
route_list = * vps.transip.email::587
no_more

Important notice:

My correct forwarding with SRS is received but listed as possible spam by gmail.com / outlook.com even if the original domain setting is secure. The recipient can then accept as legitimate, including future email. If received by professional freedom.nl / soverin.net in the Netherlands, there is no spam notification.