"Neil" == Neil Brown <neil(_at_)brown(_dot_)name> writes:
Neil> Undoubtedly. However, what people "see fit" will likely be
Neil> influenced by what they hear/read. If people hear "MARID
Neil> and SPF can stop spam", they are more likely to use it to
Neil> try to stop spam than if they hear "MARID/SPF gives useful
Neil> weighting to spam detection heuristics".
I think that LMAP will certainly stop spam in the short term, in the
same way that checking the domain of the MAIL FROM resolved was quite
effective for a while. Then spammers adapted, and started using
non-existent localparts at valid domains.
Sender address verification (callback verification) is currently quite
an effective measure, though spammers are adapting and becoming more
inclined to send from valid addresses that don't belong to them.
LMAP will have a similar window where it is useful by itself; once
LMAP starts to be widely adopted, spammers will start to adapt and
publish LMAP records, and we'll have to move on to reputation
services.
Still, there's a window when LMAP alone will be useful, and I think
that's what's driving a lot of the early adopters. By the time LMAP
becomes mainstream (and probably by the time this WG produces a spec)
that window will already be starting to close, with significant
numbers of spammers publishing LMAP records...
-roy