Yes, this is perfectly feasible, and we do this with numerous hosted domains, including our own. What you need to do is:
1. Open up port 25 on your firewall, and port-forward to your internal server via NAT. I strongly recommend you use a firewall which sports "service proxies", we use Watchguard Core series firewalls precisely for this reason.
2. If your internal exchange server is on a domain identical to your external cpanel domain, then you need to add an a-record to Cpanel DNS which has an identical name to your internal server, for example: mysbsserver01 -> 220.127.116.11.
3. Set the primary mx record with a low value (5?) to be mysbsserver01.mydomain.com. (Dont forget the trailing . otherwise it wont work!).
4. SSH onto the server, cd to /etc and vi localdomains. You need to remove the domain you just changed the MX for, and while still in /etc, vi remotedomains and add the domain you just removed from localdomains, otherwise anyone else relaying through your server will get a "mailbox not found" error, or worse, they will build up in a pop-box you are not collecting.
This will have mail going into your exchange server via SMTP. Now, to set Cpanel up to secondary, you need to:
5. In /etc vi secondarymx, and add in your domain name. The file may not exist, but thats normal on some servers.
It *may* be nescessary to tweak your exim.conf to make exim look at the secondaryMX file, to be sure, take a look at exim.conf and make sure it shows the following:
domainlist local_domains = lsearch;/etc/localdomains
domainlist relay_domains = lsearch;/etc/localdomains : \
hostlist relay_hosts = lsearch;/etc/relayhosts : \
Then all you need to do is head back to DNS config, add a secondary MX with a weighting higher than the first one (10?) which points to the IP Exim is running on.