SMTP is extremely insecure in terms of authentication. In other words, when Jennifer receives a message that appears to be sent from John, there is little she can do to authenticate the sender’s identify using just SMTP.
Again, in order to authenticate messages, end users need to rely on tools that integrate into email client programs (Outlook, Thunderbird, etc.). A sender can sign a message, and a recipient can validate the signiture. This makes it possible to authenticate a message is sent from someone who has access to the private key used to sign the message.