There are many ways to prevent Active Directory users from logging on to certain computers. For large and more complicated scenarios it's best to use Group Policy.
But if I need to create a few "email only" user accounts I normally do following:
Create a normal Exchange / Active Directory user account
Go to Active Directory Users and Computers and open the user account Properties
In the Account tab click on Log On To...
Select This use can log on to: The following computers and add your Exchange server computer account
This will not allow user to actually login to the Exchange server (this is prevented by default server policies) , but you have to enter some computer account as otherwise it will revert to All Computers.
Windows Server 2008 R2 domain
Microsoft Exchange 2010