I wonder if ESMTPA, ESMTPS, and ESMTPSA (and the same for LMTP) is
the best way to go; I know we're restricted to an ATOM in 2821, but
perhaps this could be relaxed either by allowing additional ATOMs for
WITH or by adding a new OPT-INFO clause such as USING; either way we
could indicate SMTPAUTH and STARTTLS using separate flags to make
combining them easier (especially if something new comes along).
Messing with the syntax is a really bad idea IMO. I understand that there
is some discomfort in embedding information in tokens like this, but
it has the feature that it beats the alternatives.
I might feel differently if I felt this was going to turn into a completely
open-ended thing. But I see little chance of our adding additional
orthogonal security facilities to SMTP in the future. What you see is all
there is.
Ned