After many hours banging my head against a brick wall (not helped by a malfunctioning Exchange server used for testing) I have solved this myself.
The solution is to look for the following section in the check_recipient ACL:
Code:
#recipient verifications are required for all messages that are not sent to the local machine
#this was done at multiple users requests
require verify = recipient
After it, put in the following:
Code:
warn
condition = ${if eq {1}{${lookup{$domain}lsearch{/etc/staticroutes}{1}{0}}}}
add_header = X_Staticroutes: TRUE
require verify = recipient/callout=use_sender
Looks so simple. I don't think you actually need the add_header line but that won't cause any problems. I recommend this for everyone who is using staticroutes as it stops those rejected dictionary attacks from clogging up the mail queues. (Make sure you thoroughly test it out first though and don't blame me if anything goes wrong - it works for me!).