Why not replace the SMTP with an API and explicit permissions. When registering for a newsletter, I would explicitly grant the sender right to push stuff to my inbox. At any point I could revoke this right and the sender would get clear error message when pushing.

Old fashioned person-to-person email would work as it does. This would only apply to the app-to-user stuff, which in my case makes up >99% of my emails.