The tests you select for "Inbound SMTP" are performed while the SMTP session is open. If the score is sufficient to reject the message, the connected server is notified with an SMTP Response Code. Then the connection is closed.
Next, the score is reset to zero. Then, the system invokes any configured external services (Declude via Proc Folder, SpamAssassin, rSpamd, etc). Declude can discard the message or return a score, I have not used the other products. Assuming the message is not discarded by the external call, the final step is for SmarterMail to run the "Spool Filtering" checks that are implemented internally. If this second score causes the message to be rejected, notification occurs using a non-delivery report sent to the Return-Path address (if you permit non-delivery reports, which I do not recommend.)
The important point is that scores do not accumulate between the two phases.
You are correct that some tests can be executed in both phases. Since the totals are accumulated independently, running the tests twice does not cause duplicated scores, although it does cause duplicated effort.
You also need to understand when each phase is invoked. Inbound SMTP applies to any SMTP traffic, including unauthenticated SMTP from the Internet and authenticated SMTP from POP and IMAP clients. Spool Filtering is applied to every message, regardless of how it arrives. This means that Spool Filtering can be used to detect and hopefully block insider attacks.
I consider insider threats and external threats are very different problems. So I perform all of my inbound filtering using an Incoming Gateway server.