In other words, I don't think that forgery problems can be solved until
the solutions for them are mandatory.
I'm not sure whether it's necessary that the solutions be mandatory,
or whether it's sufficient that there be some incentives to using them.
for instance, if major ISPs processed authenticated mail faster than
non-authenticated mail, this would provide some incentive for sites
to authenticate. similarly, if businesses refused to accept any
non-text mail that wasn't authenticated (bouncing such messages
or issuing MDNs saying an attachment was deleted) then sites would
have a reason to authenticate.
the other trick is building an infrastructure that allows authenticated
mail to be verified and traced to the source, and one which facilitates
quick reporting and suppression of sources of abusive mail.
there would be LOTS of details to work out, and I don't pretend to
even skim the surface here.
Keith