Do MTAs always queue mails when they can't connect to dest MX server?

The IT provider is right, some do bounce immediately. However, in my experience it is only dumb-hosts that bounce immediately, smart-hosts will queue. There are some de facto standards out there for how long an MTA will queue mail before creating a DSN, with 4 hours being the most common. As with all such standard, there is a lot of variability.

The kinds of mails that tend to get sent by way of dumb hosts are mail coming directly from web-applications who are counting on your server being smart enough to deal with exceptions. These can be your own applications to mass-mailers out there on the web. These messages are generally of a lower class of email, but not always.

If you do decide to go with a backup MTA you will NEED to put anti-spam on it. Spammers have known for over a decade now that 'backup' MTAs are a great place to target since they generally aren't as well protected as the primary.

I don't think it is required, but it is good practice.

Pretty standard values for queueing and retries are "first retry after 30 minutes, then every 60 minutes until 12 hours have passed; after that, every six hours until 72 hours have passed, after that, a few more retries at 12-24 hour intervals. If mail cannot be delivered in 7 days, drop the email and (optionally, these days, as there's far too many faked originators) return a 'Sorry, could not deliver'".

This is, admittedly, mostly from experience and somewhat dated, as I haven't run a mail server for work purposes for about 4 years now.