They should be slightly more explicit, but "...before the e-mails are accepted and reject anything that looks suspicious..." almost certainly means that spam is rejected with a 5xx message - or goes to your InBox, but is never accepted then hidden from you in a spam folder.
It's a good approach, and from a legal perspective I'm surprised more systems don't take this approach, because legally (at least in my local jurisdiction), you're deemed to have received an email when it "enters that information system" - i.e. when your SMTP server says 250.
This stuff matters quite a lot in the formation of contracts.
Yes, but the "bounce message" comes to the sender from their own mail system, saying "could not deliver".
This is important, because the receiving system doesn't have a guaranteed way of reaching the sender - modern spam typically fakes the "From:" and <return-path> fields - so well-run systems nowadays never try to do so for fear of generating what's referred to as email backscatter spam.
It's a good approach, and from a legal perspective I'm surprised more systems don't take this approach, because legally (at least in my local jurisdiction), you're deemed to have received an email when it "enters that information system" - i.e. when your SMTP server says 250.
This stuff matters quite a lot in the formation of contracts.