by JZerf 1238 days ago
Tarpitting in general can be fun. I have an iptables rule set up on my mail server that limits incoming SMTP traffic from suspected spammers to just three packets per minute (which is still fast enough for a legitimate mail server to deliver your typical, less than 250 KB email in under an hour in case you accidentally ensnare a legitimate sender) and I've seen it often tying up spammers for 15+ minutes at a time. Below is a sample of a rule I might use in case anyone else is interested:

  iptables --append INPUT --source 1.1.1.1,1.1.1.0/24 --protocol tcp --dport smtp --match hashlimit --hashlimit-name HASHES_FOR_PROBABLE_SPAMMER_THROTTLING --hashlimit-mode srcip --hashlimit-above 3/minute --hashlimit-burst 1 --jump DROP
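
To see what a limit of 3/minute with a burst of 1 per source address does to traffic, here is an added example (not part of JZerf's comment) that models the rule as one token bucket per source IP and replays constructed arrivals through it. It is a simplified model of hashlimit, not the kernel's code; the addresses, the traffic pattern and the 1460-byte MSS are assumptions.

```python
class SrcIpLimiter:
    """Simplified model of hashlimit in srcip mode: one token bucket per source IP.
    Credit is counted in seconds, so 3/minute means a packet costs 20 s of credit."""

    def __init__(self, per_minute=3, burst=1):
        self.cost = 60 // per_minute      # credit needed per packet
        self.cap = self.cost * burst      # a full bucket holds `burst` packets
        self.state = {}                   # src -> (credit, last_seen_second)

    def accept(self, src, now):
        credit, last = self.state.get(src, (self.cap, now))
        credit = min(self.cap, credit + (now - last))
        ok = credit >= self.cost
        # Over the limit the rule matches (--hashlimit-above) and the packet is dropped.
        self.state[src] = (credit - self.cost if ok else credit, now)
        return ok


def replay(arrivals):
    """arrivals: (second, src) pairs. Returns {src: [accepted, dropped]}."""
    limiter, counts = SrcIpLimiter(), {}
    for now, src in sorted(arrivals):
        tally = counts.setdefault(src, [0, 0])
        tally[0 if limiter.accept(src, now) else 1] += 1
    return counts


def seconds_to_pass(n_packets, retry_every):
    """Time for one source to get n_packets through when it offers a packet
    every retry_every seconds (constructed sender, no TCP backoff modelled)."""
    limiter, passed, now = SrcIpLimiter(), 0, 0
    while True:
        if limiter.accept("198.51.100.7", now):
            passed += 1
            if passed == n_packets:
                return now
        now += retry_every


if __name__ == "__main__":
    # Constructed traffic: one source sends every 2 s for a minute, another every 30 s.
    fast = [(t, "198.51.100.7") for t in range(0, 60, 2)]
    slow = [(t, "203.0.113.9") for t in range(0, 60, 30)]
    print(replay(fast + slow))
    # 176 data segments is about 250 KiB at an assumed 1460-byte MSS.
    print(seconds_to_pass(176, 1) / 60, "minutes")
```

The second figure counts data segments only; the TCP handshake and the SMTP command packets from the same source draw on the same bucket.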