Am I Missing Something? (Score 1)

I'm no expert, but why didn't we slap this problem in the face long ago with digital certificates?

I'm sending a piece of mail ... here's my cert ... you trust the root CA. If I'm known to be a spammer, blacklist me ... bada boom!

Is it an implementation problem? Could authentication be implemented on top of the existing system and phased in?