Per-IP ssl certificates for exim
This has not been tested, but seems straight forward enough.
If you require certificates for each IP being used, this is the related exim.conf code:
tls_verify_certificates = /etc/exim/$received_ip_address.cacert
tls_certificate = /etc/exim/$received_ip_address.cert
tls_privatekey = /etc/exim/$received_ip_address.key
where the $received_ip_address
is an exim variable filled with the IP that the connection came in on.
It's likely that the files must exist, so you must have a cert/key pair for each IP, but the easiest way to deal with that would be to use symbolic links for all IPs... or just have an exim check to see if the path exists.. and if not, revert to the defaults.