Hi again,

I completely understand that more processing is required during this window however tarpitting is also used during an SMTP session which does not result in genuine mail servers dropping  connections with timeouts. There should be some sort of 'urgent bypass list' in order not to delay very important emails. It doesn't have to be with pre SPF checks, it could just be pre-defined IP addresses that get the green light from the first connection attempt. Adding just domains won't help as anyone can spoof a domain name without at least an SPF check. IP addresses are a little more tricky especially if TLS is involved. 

James