Address exhaustion is a real issue though, so you will need to acquire many email-worthy domains for this service.
As you mention we can use aliases for unique emails (which is what I do, but I had to create a software on the side of my mail server to manage them, as my mail server never intended to use aliases that way, and for instance makes the list of aliases visible to everyone on the server, and does not allow to assign a keyword to an alias).
It is possible to have guarantees on senders by using spf and dkim, but not many server actually use them and you currently can't make it a hard requirement for your incoming traffic, so pretty much useless.
Smtp encryption has taken a step back with TLS, as with STARTTLS we are now forced to use optional encryption that can be downgraded by a MITM, whereas before one could elect to only have an SSL port open.
Content encryption is possible using PGP but clunky and almost no one uses it.
And people can buy their own domains if they know it is possible and how to configure a DNS server, needless to say not many people do.
What I suggest is that we would need a protocol that does all that by default.