I think it would help if someone can explain what an SMTP client certificate actually proves, without all the wishful thinking that every nugget of "security" is a worthwhile improvement.
What does the certificate really prove about the SMTP client? What does the certificate prove about the connection from that SMTP client, and how useful is that really, bearing in mind that this SMTP connection is very likely only the last one in a sequence of network connections? What does it prove about the message envelope and message content that was sent over that SMTP connection, bearing in mind that the message very likely originated from some other system?

Wietse