Allowing clients to filter sounds great until you look at the volumes of spam that major (and even minor) email service providers handle. SMTP-time rejection is the only feasible way to handle it.
What you're seeing (and a conversation I've had numerous times, particularly with some individuals who seem to think it's all some Vast Conspiracy Against Personal Communications) is simply the challenges of dealing with email on a scale where you've got more peers than most people have email contacts -- where a peer is another peering email system.
It turns into a reputation management system. And it's a lot easier to deal with those reputations when you've got a handful of major public providers (Google, Microsoft, Yahoo, Aol, Inbox, etc.), and a few thousand major corporations. Once you get outside of the Fortune 500, even corporate emails get hard to deal with. At Krell Power Systems, we had a customer who required us to provide our email server IPs (already listed in both SPF and DKIM, natch) before they'd allow mail from us. The fact that they run a few machines powered by U-235 and are concerned about SCADA threats might have something to do with that level of paranoia.
But allowing all spam through, storing it, and relying on users / client software to filter it is expansive and quite error prone. The good thing about SMTP-time rejection is that it's unambiguous: any well-formed server will recognize that it's failed delivery, and in most cases the message is immediately bounced back to the sender. Accepting email and later trying to determine whether or not it's legitimate risks spoofing, Joe-Jobs, and silently-lost messages. That's actually far worse.
Much as I wish everyone could simply run their own servers, with systems as they stand now, it's just not possible.
What you're seeing (and a conversation I've had numerous times, particularly with some individuals who seem to think it's all some Vast Conspiracy Against Personal Communications) is simply the challenges of dealing with email on a scale where you've got more peers than most people have email contacts -- where a peer is another peering email system.
It turns into a reputation management system. And it's a lot easier to deal with those reputations when you've got a handful of major public providers (Google, Microsoft, Yahoo, Aol, Inbox, etc.), and a few thousand major corporations. Once you get outside of the Fortune 500, even corporate emails get hard to deal with. At Krell Power Systems, we had a customer who required us to provide our email server IPs (already listed in both SPF and DKIM, natch) before they'd allow mail from us. The fact that they run a few machines powered by U-235 and are concerned about SCADA threats might have something to do with that level of paranoia.
But allowing all spam through, storing it, and relying on users / client software to filter it is expansive and quite error prone. The good thing about SMTP-time rejection is that it's unambiguous: any well-formed server will recognize that it's failed delivery, and in most cases the message is immediately bounced back to the sender. Accepting email and later trying to determine whether or not it's legitimate risks spoofing, Joe-Jobs, and silently-lost messages. That's actually far worse.
Much as I wish everyone could simply run their own servers, with systems as they stand now, it's just not possible.