
Agreed. But they do not care at all. That is my complaint.



To fix it, you'd have to reinvent the protocol.

That's like reinventing email. Well good luck with that ;)


My lack of knowledge on this subject is evident here, I am afraid. Is there not a way the networks could, like Google, try and detect spam or spoof messages?


Yes, it can with reasonable accuracy, but it's a whack-a-mole game, because there is no standard, many attempts have been gamed successfully by spammers, not all email servers are configured to use the latest "practices" (since this gets expensive) and not all email clients are configured to use the latest practices because that would trigger many false positives.

I just did an experiment.

Using my local Postfix email server with the default settings, I just sent an email from bill.gates@microsoft.com to my Gmail account. It arrived in my Inbox just fine. And I'm sure that if I sent this to dozens of people, then Gmail would have flagged it, but it chose not to.


Somewhere else in this discussion someone compared it to peering, which is quite a good example.

You grant (read: sell) permission to other people to deliver text messages to your subscribers. The very same way you get a text message from carrier A while being a subscriber of carrier B. Now enter international territory. You interconnect with lots of networks, each of which can (in my experience services like that were often from/cheapest in eastern Europe) hand out access to more people to send on their behalf.

Google can only try to protect you in limited cases. Check if the mail says it is originated from Google and notice that it isn't (flags a lot of false positives, if you are a valid sender, sending in a non-standard way). Checking headers (easily forged for the most part). Things like SPF [1] where you, as the admin of a domain, can tell the world that really only host X sends mails on your behalf.

The world might not care though - and the burden is again not on your very own 'carrier' (Google here), but on everyone on this planet that runs a domain.

There might be other ways, but inherently this problem is unsolved. Unless you went to a key signing party and verified that the data you got was signed by the key that you _know_ belongs to the sender (and you trust him not to give it away. And you trust him not to lose control of it or at least revoke it).

1: https://en.wikipedia.org/wiki/Sender_Policy_Framework


Antispam solutions for SMS exist and are used afaik.



