Now, this is all very well for registering a person's email address as
"OK to send", but as we know it's now commonplace for spammers to send
their junk mail using a randomly chosen real person's email address
out of their list of people to spam.
To protect against this there needs to be some additional information.
It could be mailhub/domain-wide, sender-specific or
recipient-specific. It could be cryptographic, e.g. "your messages
must be GPG signed", or as simple as an extra email header similar to
"Approved:" on Usenet.
I quite like the idea of asking each person registering to specify
something which will appear in the email messages they send - perhaps
in either header or body, though limiting this to headers would be
better for performance purposes. For instance, I might choose to send
this header with all my messages...
X-This-Is-Not-Spam: Honest ;-)
It's not necessary to provide people with a way of editing this info,
since if they stop sending the (say) header and a message they send is
flagged as spam, they will be prompted to reregister.