@Willr - I really like where this is going and think it would be a very useful built-in feature. But for it to be effective, not only does it need UI, it really needs to be grounded in a feature that automatically maintains "experience points" or auto-incrementing security levels based on number of approved posts. SMF, phpBB, bbPress, all do that out of the box (and is one reason we *almost* went with a separate phpBB installation instead of this mod.) Without such a feature, the end-admin would need to maintain the "bypass spam" group manually, which many might find too much trouble.
I would need to know if there were any plans for an experience feature, and how it might be implemented, before I could decide how to approach this.
For now, I'm ok with the "logged in" check, because we're already picky about the members we approve.
I've never used github -- but do you think the logged-in code below is useful and should land in trunk?