Reverse NDR Attack Handling in Exchange 2003

Here’s a way to handle reverse NDR attacks using a combination of native Exchange 2003 and Windows Server 2003 features.
 
1.  Enable "Filter Recipients who are not in Active Directory"
 
Follow this KB article: http://support.microsoft.com/?kbid=909005.
 
Note that this exposes you to directory harvest attacks, as the sender will receive 500-level messages indicating that the user does not exist.
 
To protect yourself and discourage this type of attack, follow step 2 to enable tar pitting, which is a built-in function of the SMTP service in Windows Server 2003. Using tar pitting, you can slow down the response.
 
2.  Enable SMTP tar pitting
 
Enabling SMTP Tar Pitting for Windows Server 2003, http://support.microsoft.com/kb/842851/
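
Because the recipient filter in step 1 answers unknown recipients with 500-level replies, a directory harvest shows up in the SMTP log as one client collecting many rejected RCPT commands. The following Python script is an added example, not part of the original post or of either KB article: it flags such clients in a W3C extended format log. The sample log lines, the field selection and the thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in W3C extended log format. The field selection is an
# assumption; real logs carry whichever fields were enabled for logging.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2006-03-01 10:00:01 192.0.2.10 RCPT +TO:<alice@example.com> 250
2006-03-01 10:00:02 192.0.2.10 RCPT +TO:<bob@example.com> 250
2006-03-01 10:00:03 192.0.2.10 RCPT +TO:<bbo@example.com> 550
2006-03-01 10:01:00 198.51.100.7 MAIL +FROM:<> 250
2006-03-01 10:01:01 198.51.100.7 RCPT +TO:<admin@example.com> 550
2006-03-01 10:01:02 198.51.100.7 RCPT +TO:<info@example.com> 550
2006-03-01 10:01:03 198.51.100.7 RCPT +TO:<sales@example.com> 250
2006-03-01 10:01:04 198.51.100.7 RCPT +TO:<john@example.com> 550
2006-03-01 10:01:05 198.51.100.7 RCPT +TO:<mary@example.com> 550
2006-03-01 10:01:06 198.51.100.7 RCPT +TO:<test@example.com> 550
"""


def parse_w3c(text):
    """Yield one dict per log record, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated or malformed records
                yield dict(zip(fields, parts))


def harvest_suspects(text, min_rejects=3, min_ratio=0.8):
    """Return {client_ip: (rejected, total)} for clients whose RCPT commands
    were mostly answered with a 5xx reply."""
    total, rejected = defaultdict(int), defaultdict(int)
    for rec in parse_w3c(text):
        ip = rec.get("c-ip")
        if ip is None or rec.get("cs-method", "").upper() != "RCPT":
            continue
        total[ip] += 1
        if rec.get("sc-status", "").startswith("5"):
            rejected[ip] += 1
    return {ip: (rejected[ip], total[ip]) for ip in total
            if rejected[ip] >= min_rejects
            and rejected[ip] / total[ip] >= min_ratio}


if __name__ == "__main__":
    for ip, (bad, seen) in harvest_suspects(SAMPLE_LOG).items():
        print(f"{ip}: {bad} of {seen} RCPT commands rejected")
```

The ratio threshold keeps a legitimate sender with an occasional mistyped address, like the first client in the sample, out of the result.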