I feel like solving email privacy (with existing legacy SMTP etc) is far more important than solving an authenticity problem.