[Exim] Pseudo-rejection of Spam using local_scan()

Since I'm responsible for a lot of "webmaster@"-type addresses, I get
a huge volume of spam, on the order of 2000 spams per day. (!) I'm
using DSPAM to manage this, but obviously if a legitimate e-mail is
misclassified, I will never find it unless the sender contacts me.
Thus, it is imperative to notify people when their message is filtered.

My previous solution did this using mail server "bounce" messages, but
this creates a so-called "collateral spam" problem, where the server
has to manage thousands of error messages for with bogus addresses.
An obvious improvement is to report the errors at SMTP time, which
apparently was the intent behind Exim's local_scan() interface.

So far, I've solved the following problems:

- Get Richard Baker's embedded Perl local_scan.c to link with the dlopen()
patch used by Debian's Exim 4 package

- Write more Perl code to call DSPAM and a virus scanner

- Fix some problems where Perl bugs will terminate the Exim process

- Write Perl code to recursively invoke "exim -bt" to expand aliases
and determine the account names involved (since Exim does not compute
routing until after local_scan() for some reason)

- Write even more Perl code to use these account names to apply
per-user whitelists

However, after this arduous journey, I'm now faced with an Exim
limitation, that you can't pretend to "reject" a message. I tried
calling smtp_printf("550-blah blah") before returning LOCAL_SCAN_ACCEPT,
but this results in invalid output because the "550-blah blah" is
followed by "250 OK id=...". Another approach would be to resend the
rejected e-mail, but then local_scan() will get called recursively,
requiring extra headers to distinguish the already-scanned mail.
So apparently my choice is between dealing with that problem, or
hacking at Exim's receive.c to implement a new code such as
LOCAL_SCAN_FAKE_REJECT.

Has anyone else encountered this problem? Any suggestions?

Cheers,
-Pete