The new rules can affect a lot more than you would expect. An invalid DMARC is one of the easiest ways to exploit a mail system to spam. gmail is just as bad these days, they and onmicrosoft.com are terrible platforms to use for email.
I deal with cleaning up spam, and probably 95% of our spam is invalid SPF/DMARC, gmail, or onmicrosoft.
I personally drop things that have bad security records. If you can't be bothered to set your email service up properly, I don't want to talk to you.
Valid points. I don't know much about email server or email service config, beyond what the next idiot knows. I do believe spam kikes will whinge about this, until they do the available workarounds.
I rely every day on the skill, detailing, and work ethic of devops/server admin/IT people who handle this stuff. The importance of making the network work smoothly can not be overstated or overvalued.
I doubt spammers will whine, because a lot of them are using secured systems already (onmicrosoft, AWS, gmail) or they're hitting small shops that don't have properly security. It's not uncommon for our organization to get a system-wide email to every known address - all coming from the same sender. That sender turns out to be some small shop that set up email 20 years ago and never touched it. There are thousands of those email systems out there, they won't be secured until they get hit.
Even large companies aren't properly secured. For example, GE.com got kicked out by our spam filters a few weeks back because they aren't properly secured. They have the records, but they aren't doing anything. If I could gain access to their email system, chances are I could send email.
The biggest problem is always going to be people. I've seen plenty of properly secured systems where the person in the chair was the problem, not the email system itself.
(post is archived)