This is the http level of the implementation of a safer smtp based on an email authentification token request from the receiving server to the originated server. Identity steal represent 70% of the strongest scams because the way that smtp is design till now, nobody should trust an email unless having a real confirmation (in person, by phone, ...).