What we need is a method of identifying forgeries, not a method of
identifying legitimate email.
I share that desire. However, as a practical matter it may be easier to
get legitimate senders to cooperate than would-be forgers.
Exacto!
For anti-spam, the future reality is that any successful anti-forgery will
eliminate the forgery case as useful input. Spammers will morph. The PASS
case is going to be much more useful in long run. We have a proprietary
algorithm in mind, which I can not detail in public.