If this was so simple, you'd see spam blacklists being used that way. Wonder why that doesn't happen...? Right, because you have to spam to get on the list! And to get on the new list, you'd have to have an insecure IoT device in your house.
Still, it's not a good solution. Spamming blacklists hit email providers who better are professionals (and if not, it's a DAMN GOOD idea to block them anyway), while IoT users are primarily private people. You cannot expect them to do a full audit of every piece of junk they buy.
It's time to put the burden on the makers of those shoddy devices, not expect a CS degree from anyone who wants to use one.