So that if one of your office PCs gets compromised the SMTP authentication is also compromised, and therefore you have the same problem. This is assuming you don't require that someone type their password everytime they send a message--that'd be ridiculous.
Yes, I imagine there is malware out there which can read smtp credentials from an infected host, but majority can't, and will just try sending out without authentication. If nothing else, resulting amount of spam is decreased severely.
OTOH, if smtp auth became mandatory, or at least widely used, malware would just adapt, and its ability to sniff out credentials would improve. Arms race and all that. So scratch my idea.
