Erik Naggum made an interesting comment. He said that spam should be handled at the transport level. Greg's work on doing filtering at SMTP time accomplishes this and makes a lot of sense. When a message is rejected, the sending mail server is the one that has to deal with it. In the case of spam, the sending server is often an open rely. Letting it handle the bounces is sweet justice. :-)
In the case of a false positive, it has the added advantage that at least the poor sender, falsely accused of sending spam, gets a bounce and may try to try again.
I bring this up because "STMP time filtering" makes a bypass mechanism work much better. With a system like TMDA, confirmation notices usually generate double-bounces. Instead, we could reject the message with a 5xx error that includes instructions on how to bypass the filter (e.g. include a cookie in the body of the message).
Do you still believe that TMDA is the only answer to spam?
--Guido van Rossum (home page: http://www.python.org/%7Eguido/)