I think they mean scanning on the receiver's client, not the sender's. There's no security problem there - a spammer with a rogue client will just send spam that's blocked by each client, and if you don't want to get spam, upgrade your client.
I am still doubtful that this will work - spam filtering a la GMail requires a good deal of aggregated data, being able to piece together related e-mails from many people's inboxes. It's effectively the reverse problem as NSA surveillance: instead of piecing together patterns in messages to highlight them, you piece together the patterns to block them. And so anything that blocks the NSA will make the spam filters we've come to depend upon non-functional. But that's because of lack of data, not because of client insecurity.
As nostrademons said, I meant on the receiving client, not the sender. Other than it being a potentially difficult nut to crack I don't really see any technical reason it'd be infeasible. Is that what you meant?
I am still doubtful that this will work - spam filtering a la GMail requires a good deal of aggregated data, being able to piece together related e-mails from many people's inboxes. It's effectively the reverse problem as NSA surveillance: instead of piecing together patterns in messages to highlight them, you piece together the patterns to block them. And so anything that blocks the NSA will make the spam filters we've come to depend upon non-functional. But that's because of lack of data, not because of client insecurity.