Of course it’s possible to do. We’ve already done it for physical mail.
If (enormous if) the EU or FTC cared to issue a digital signing certificate to legally registered companies then this would basically solve the problem of trust. Now it’d be up to the government to deal with fraud cases, which would be much more manageable since spam offenders would necessarily have a uniquely identifiable certificate with a literal physical address attached (yes, fraud exists there, but the barrier to entry is orders of magnitude higher).
Plain SMTP’s trust model is broken but only legislative apathy enables Google to position themselves as the internet watchdog/bouncer.
Of course it’s possible to do. We’ve already done it for physical mail.
If (enormous if) the EU or FTC cared to issue a digital signing certificate to legally registered companies then this would basically solve the problem of trust. Now it’d be up to the government to deal with fraud cases, which would be much more manageable since spam offenders would necessarily have a uniquely identifiable certificate with a literal physical address attached (yes, fraud exists there, but the barrier to entry is orders of magnitude higher).
Plain SMTP’s trust model is broken but only legislative apathy enables Google to position themselves as the internet watchdog/bouncer.