I have this setting enabled "Filter recipients who are not in the Directory" in our Exchange Server 2003. However, our consulting company has advised to remove this setting to prevent hackers from farming for valid e-mail addresses. Any thoughts on this? Do you guys leave this setting on or off and why? Thanks!