And the problem, of course, is that typical email protocols are in the clear, not only for the log-in, but for the text of the email.

The email protocol (SMTP) has no authentication by default, so the spammer can pretend to originate a message apparently from any email address.

I mean, when I was reading about, originally reading about the TCP/IP stack, that's where it came from, and email protocol and so forth.

All relevant email protocols have an option to encrypt the whole session, to prevent a user's name and password from being sniffed.

Message Handling System (unrelated Novell email protocol)

Abadi & Blanchet used correspondence assertions to verify the certified email protocol.

Actually, all the mentioned threats are applicable to the traditional email protocols:

It's easy because of a flaw in the net's email protocol and because many ISPs have been lax about banning spammers from their networks.

As for email protocols, while I agree 100% that it sucks, if you look at it from the perspective of Google, you are already using a Gmail account.

If the European Union can change the money that 300 million people use all on one day, we can change our email protocol.