Ask Slashdot: How Useful Are DMARC and DKIM?

whoever57 writes How widely are DKIM and DMARC being implemented? Some time ago, Yahoo implemented strict checks on DKIM before accepting email, breaking many mailing lists. However, Spamassassin actually assigns a positive score (more likely to be spam) to DKIM-signed emails, unless the signer domain matches the from domain. Some email marketing companies don't provide a way for emails to be signed with the sender's domain — instead, using their own domain to sign emails. DMARC doesn't seem to have a delegation mechanism, by which a domain owner could delegate other domains as acceptable signatures for emails their emails. All of these issues suggest that the value of DKIM and DMARC is quite low, both as a mechanism to identify valid emails and as a mechanism to identify spam. In fact, spam is often dkim-signed. Are Slashdot users who manage email delivery actually using DKIM and DMARC?

working as designed?

[green1]

The poster complains that some email marketing (spam) companies don't provide any way to avoid being caught by these anti-spam tools... sounds like a good thing to me...

Re:working as designed?

[Pentium100]

This. Every time I see a complaint that "some tool" makes it harder for "marketing companies" to send email I think that I should use that tool for my email servers if I am not doing that already.

Pretty much nobody wants to get spam and that includes the marketing emails, not just the regular "vi@gr@" and "Nigerian prince" spam. Pretty much nobody cares that you do honor the "unsubscribe" link, because a lot of others don't, so it is much easier to just tag your email as spam and hope to never see it again.