I have a design for a system that allows for universal email authentication
by improving upon an anti-spam concept that I introduced earlier.
Per-correspondent subaddresses are a rather old idea. The idea was
popularized by Zoemail in 2001 but it goes way back, at least as far
as the CMU Andrew system in 1990 or 1991.
All of the subaddress schemes appear to try to turn the spam problem
into the introduction problem. That is, if we can recognize mail from
people we already know, then we can do something more aggressive to
mail from strangers like hashcash, C/R, or cranked up filters, and if
a stranger jumps through our hoops, then add them to the list of known
Recognizing mail from known correspondents is a very thoroughly solved
problem. If I were doing it, I would use S/MIME, not because I am
particularly fond of S/MIME, but because it is already implemented in
all the popular MUAs, so you can skip the "if only the six largest
mail vendors implemented it" stuff, they already do.
But the spam problem is not the same as the introduction problem. They
are somewhat related, since it is certainly true that people who have a
history of sending non-spammy mail will probably continue to do so,
but there's all sorts of real but complex situations that it doesn't
deal with at all well, with discussion lists like this one leading
Asrg mailing list