Monday, October 18, 2004

Create a directory lookup tarpit

I have always been reluctant to enable the Exchange 2000/2003 feature "Filter Recipients Who Are Not In the Directory", found under Recipient Filtering in Global Settings -> Message Delivery. The reason is that if the recipient is NOT in the directory, the connection is immediately rejected. This behaves much like the SMTP verb VRFY, which confirms whether a recipient exists. A spammer can exploit that to harvest your SMTP addresses: try addresses at random and note which ones are not rejected.

Microsoft has added to the SMTP engine the ability to delay the response to directory lookups of SMTP addresses. If you set the Registry value TarpitTime under the key
HKLM\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters
the server delays its response by the number of seconds you specify. I think a delay of 5 seconds or less should be sufficiently long to make it impractical for a spammer to try harvesting your SMTP addresses. This only affects anonymous connections.
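Here is an added example (not from the original post) that reads the current TarpitTime, sets the 5-second value suggested above as a REG_DWORD, and re-reads it to confirm. It assumes an elevated PowerShell prompt on the Exchange server and that the SMTP service (SMTPSVC) must be restarted for the new value to take effect.

```powershell
# Added example, not from the original post. The key and value name are the
# ones given in the post; the 5-second delay is the post's suggestion.
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters'
$name  = 'TarpitTime'
$delay = 5   # seconds to wait before answering an anonymous lookup

# Show the current setting; no value means rejections are returned immediately
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($null -eq $current) {
    "TarpitTime not set: unknown-recipient rejections are immediate"
} else {
    "TarpitTime currently $current second(s)"
}

# Create the REG_DWORD value if it is missing, otherwise update it in place
if ($null -eq $current) {
    New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value $delay | Out-Null
} else {
    Set-ItemProperty -Path $key -Name $name -Value $delay
}

# Re-read the value so a typo in the key or name does not go unnoticed
$after = (Get-ItemProperty -Path $key -Name $name).$name
if ($after -ne $delay) { throw "TarpitTime is '$after', expected $delay" }
"TarpitTime set to $after second(s)"

# Assumption: the SMTP service re-reads the value only on restart.
# Run this in a maintenance window, since inbound mail is refused while it restarts.
Restart-Service -Name SMTPSVC -Force
```

After the restart, an anonymous session that sends RCPT TO for a non-existent mailbox should wait about 5 seconds before the rejection comes back, while authenticated sessions are unaffected.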

See Microsoft KB article 842851 for more information.
