Automatic signing of all outgoing email. Automatic checking of signatures on all incoming emails. If it isn't signed, it's spam or a phishing attempt.

Oh, and who produces the global PKI for that? Signing might work on SPAM (if the signature has to be different for every recipient), as it comes with a computing penalty, but phishing? Just because there is a signature does not mean I know who the person is or whether he can be trusted.