I've been working on similar project since last year as well. (I slacked a little bit -- grad school and stuff).
Too bad the SMTP protocol is limited. I was thinking of ways such a service can be designed in a provably secure way (where we don't get to actually read the messages, just apply rules based on headers only). Any thoughts?