I block this using some custom code in filter_recipient which keeps the ongoing good and bad recipient counts in a local file in the spool directory. If there are more than 2 bad recipients, and more bad recipients than good recipients, then I reject the whole message and firewall the offender. The determination of which recipients are good comes from a database table of all valid addresses for my domain, which is populated from LDAP and from a list of aliases and other special addresses.
The database overhead is relatively small, as my filter is extensively tied to database tables for logging, stats, blacklist checks, and so on. LDAP updates to the table are done 4 times daily, saving on a real-time SMTP query to any back-end server to see if the recipient is valid, or an LDAP lookup on the fly which can be slow, especially if you have to do secure LDAP.
Argenta Discovery Ltd, 8-9 Spire Green Centre, Harlow, Essex, CM19 5TR
Registered in England No. 3671653
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.