Case 2: non-consent is presumed for unauthenticated senders;
Neither of these furthers the discourse since nothing prevents you from making white/black lists today.
Excuse me?!
Maybe the fact that everyone can claim to be anyone in SMTP might get in the way of my *listing operations?
Authentication won't "solve" spam, but not having it sure makes spamming easier and more annoying. (Today I even got a message claiming to be from the email administrator for my domain. Guess who is the email administrator of my domain... This type of forgery is also hard on the spam filtering AI, usually resulting in a false negative.)