I think most SMTP servers these days offer out of the box SMTP authentication, and
plugging them into a back end database is relatively straight forward.
I also think the majority of the workforce that is mobile uses proprietary solutions to
address this already (such as VPN, Microsoft's RPC over HTTPS, etc).
Suffice it to say, I think the issue for mobile workers sending email securely was solved
All mail must be sent by the authorised servers *only* which, for a mobile workforce (
even mailing from home ) *MUST* use the company servers, which means smtp auth of some
kind, or only using a web-based interface.
Doable but an administrative nightmare. The alternative is to use an SPF record that
allows anything, which is pointless.
Just my $0.02 ( and yes, my SPF's ok, sort of! ),