Milter-greylist

>Because at that time, you accepted the message, and the only way to send a 
>notification is to trust the sender address. And you know this is forged 
>most of the time.

??

I thought the point of sending a notification to a black-listed sender was 
to warn him in case he's actually LEGIT. If the sender address is forged, 
why do you give a damn about notification??

>Because at the MUA level, the user can review the operation. The MUA could 
>use DNSRBL to tag mails as probably spam and the user can delete or not.

Oh. You didn't make that clear before. I hardly think of that as 
"filtering," since the receiver still bears the nuisance of wading through 
all his spam.

>Some spammers spam through ISP SMTP servers, causing all this ISP customers 
>to be in blacklist.

That just proves that's a foolish way to build a blacklist.

>Moreover, a spammer that discovered a honeypot could work on poisonning the 
>honeypot.

Ah. Good point. That would be a difficulty.