I am currently evaluating Symantec BrightMail Message Filter for integration with Sun Java System Messaging Server.
There is this little diagram which interests me - Suggested Quarantine Deployment Timeline.
This is another similar Opt-In approach which I was very much against with, as mentioned in my previous post.
I am still preaching that all emails (legitimate or not) must be made available for users. They themselves then decide whether or not to delete the emails.