If you love your email standards, SMTP your feet: 35 years later

Lee D Silver badge

A protocol that should have been obsoleted at least 15 years ago.

Seriously, people, SMTP is the last major protocol that seriously needs a redesign from the ground up. From being able to fake return addresses, to no guarantee of end-to-end encryption, to all kinds of third-party DNS-based addons to try to reduce spam and forgery, to ancient file encodings, to even the concept of "bouncebacks", it's all archaic, problematic, and ripe for replacement.

Someone really needs to propose SMTP2, which just fixes this junk, makes everything key-based (so you can't send from a domain unless you have the corresponding key, and not just "well, properly configured places may not accept your email" but actual protocol refusal), provides end-to-end encryption (put public keys in domain DNS for source and destination, sending server negotiates key-pair with end-recipient server and verifies it's them that you're talking to using their DNS, then it doesn't matter WHAT mail servers it passes along the way, it can't be modified or snooped on en-route except by authorised systems), properly allows immediate response messages, you can put in explicit functionality for email-forwarding and rewriting if necessary (no reason that can't be done officially, with a full trace history, rather than just trying to tell the world that GMail may send emails on my domain's behalf), allow explicit refusal of email from unknown senders (i.e. they literally have to request permission first, if the user wants that, and are then given an explicit token that lets ONLY them send to you - "Do you want to accept email from hinet.net?" - answer No and there's no way for them to ever bother you again, even if they sell your email address), and turn it into what it should always have been: A transport system, that has no clue what it's transporting, just so long as it gets to the intended recipient, if they want it.

Then all the SPF, DKIM, greylisting, spam filters, postmaster@, bouncebacks, message envelope rewriting, plain-text emails, mass CC:'s, and all the other junk that you have to deal with are consigned to the bin. Don't even get me started on bouncebacks-of-bouncebacks, each with a different format, reason and nothing you can do about any of them. Hell, even a "this email was received by the destination server successfully" binary indicator would be infinitely more use than just guesswork like it is now (just because your ISP mailserver said it would deliver it means nothing, you might get a bounceback an hour or even a day down the line saying that it couldn't talk to the end domain).

Hell, if you made the initial SSL challenges hard enough, you can push spammers out of the market just by the amount of CPU they would have to expend on trying to talk to new users (while established users would already have a negotiated keypair that you could re-use for a period so as to not bog down genuine servers sending to domains). And your Outlook could literally just store the keypairs of only the people you're interested in talking to, everything else just bounces off the server without you ever seeing it.

SMTP needs to die like Telnet and FTP before it, and like plain HTTP now.

And it's not that hard to put in a HUGE wishlist of things it shouldn't deal with at all, and things that it should, and instantly solve everything from spam emails, to email forgery, to botnet emails, to delivery-silence.
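
The per-sender permission token described in the comment above, sketched as an added example (not from the post, and not part of any real protocol). It assumes the sending domain has already been proven by the key-based check the comment proposes; `RecipientPolicy`, the HMAC construction and the example domains are hypothetical.

```python
import hashlib
import hmac
import secrets


class RecipientPolicy:
    """Hypothetical per-recipient allow list: one revocable token per sender domain."""

    def __init__(self, recipient: str):
        self.recipient = recipient
        self._secret = secrets.token_bytes(32)  # stays on the recipient's server
        self._grants = {}  # sender domain -> (epoch, active)

    def _mac(self, domain: str, epoch: int) -> str:
        # Binding the sender domain into the MAC is what makes the token
        # useless to anyone the original sender passes it on to.
        msg = f"{self.recipient}|{domain}|{epoch}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def grant(self, sender_domain: str) -> str:
        """User answered 'yes': issue a fresh token for this domain only."""
        d = sender_domain.lower()
        epoch = self._grants.get(d, (0, False))[0] + 1
        self._grants[d] = (epoch, True)
        return self._mac(d, epoch)

    def revoke(self, sender_domain: str) -> None:
        """Keep the epoch so a later re-grant cannot revive the old token."""
        d = sender_domain.lower()
        self._grants[d] = (self._grants.get(d, (0, False))[0], False)

    def accept(self, authenticated_domain: str, token: str) -> bool:
        """authenticated_domain is assumed to be proven by the key check."""
        d = authenticated_domain.lower()
        epoch, active = self._grants.get(d, (0, False))
        if not active:
            return False  # never approved, or revoked: refuse at protocol level
        return hmac.compare_digest(self._mac(d, epoch).encode(), token.encode())


if __name__ == "__main__":
    policy = RecipientPolicy("alice@example.org")  # constructed sample values
    tok = policy.grant("shop.example")
    print(policy.accept("shop.example", tok))    # approved sender
    print(policy.accept("broker.example", tok))  # token resold with the address
    policy.revoke("shop.example")
    print(policy.accept("shop.example", tok))    # after the user says no
```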
