... there is no way to differentiate between "small legit transactions" and fee-paying spam if they pay the same fee
Can you articulate your definition of 'fee-paying spam'?
Currently the network node operators are overwhelmingly supporting 1MByte block limits
Upon what do you base this bald assertion?