Create a service that can recieve email, determine who it is from, check this against a db. If the email is from an allowed source then forward it on to the recipient.
If it is from an unknown source, repy to the sender, adding a message containing a graphical number sequence to the start of the email.
The sender needs to rply to this email quoting the number in the first line cause the original mail to be sent.
If the correct response is not recieved within a specified timeframe, then the email is deleted.