Eugen Leitl <eugen@leitl.org> writes:
> "A way that works" would involve passphrase-locked keyrings, and forgetful MUAs (this mutt only caches the passphrase for a preset time).
"A way that works *in theory* would involve ...". The chances of any vendor of mass-market software shipping an MUA where the user has to enter a password just to send mail are approximately... zero.
> Filtering for signed vs. unsigned mail doesn't make sense; authenticating and whitelisting known senders by digital signature makes very good sense.
In that case you can just filter by sender IP address or something (anything) that's simpler than requiring a PKI. Again though, that's just another variant of the "Build a big wall" dream. In order to have perimeter security you first need a perimeter. If the spammer you're trying to defend against is your own mother (because she clicked on an attachment you sent her, it says so in the From: address, that's actually a spam-bot), you don't have a perimeter. All you have is a big pile of Manchurian candidates waiting to bite you.

Peter.