>>When an innocent site receives mail to an address that does not exist, it
>>is required by Internet standards to bounce it. Strike one.
>
>Rejecting it during the SMTP transaction is an acceptable (some would
>say vastly preferable) alternative.

But this is not always possible. Which mid-size or bigger organization does
not have at least one mail server acting as MX for another mail server, for
perfectly good reasons? That MX server does not know what addresses exist at
the other server and cannot answer in-line. Either way, the only difference
is who is going to send the bounce to the honeypot address.

  Eric