The days of linear precendence are long gone. In 7.x the gateway became capable of evaulating for and returning multple verdicts/actions on a message. The order of evaluation is
mostly a byproduct of how you have your policies and actions configured.
General rule of thumb:
1) Things that can defer or reject the "connection" will do so immediatly when the client connects. The order of operation matters little here, because the operations aren't very expensive: In general the most interesting question and answer here is that we prefer allowed senders over blocked senders.
2) Invalid recipient handling and more "MTA centric" operations occur during the SMTP verb/protocol stage.
3) Technologies which operate on the content of the message occur last afterh the mail has been accepted by the MTA.
AntiVirus Technoligies, then
-
Content Filtering or AntiSpam technologies happen in an order relative to how their are configured.
Finally, all actions are accumulated and performed based on some logical rules of what can happen together and what is destructive and/or path altering.