Currently Cloud VPS tenant instances use the production exim servers to relay mail from. This is bad for a number of reasons (possible spam/RBLs, unnecessary load etc.) We need to have cloud-specific smarthosts.
Additionally, we should integrate this with LDAP and have root@ go to sysadmins of particular projects (T61142).
The introduction of the new 172.x private range for the eqiad1-r deployment makes this more urgent as instances in the new range cannot access the existing exim servers at all because they are outside of the 10.x allowed range.