>There a few issues with DMARC, but the main one - adoption by senders is well below 100% so you just cannot block mail without DMARC.
I wonder if this could be fixed by email clients marking emails that fail DKIM as spam/attaching a large warning. Most users use email clients and they really don't do a great job of notify users of potential spoofing issues (with Gmail, you have to find "view original" to see that DKIM fails). I'm sure that spam filters would notice after a few hundred/thousand emails, but a successful spear-phishing attempt may not require that many emails. If customers complain about legitimate emails being marked as actually fraudulent, I'm sure adoption rates will increase.
I wonder if this could be fixed by email clients marking emails that fail DKIM as spam/attaching a large warning. Most users use email clients and they really don't do a great job of notify users of potential spoofing issues (with Gmail, you have to find "view original" to see that DKIM fails). I'm sure that spam filters would notice after a few hundred/thousand emails, but a successful spear-phishing attempt may not require that many emails. If customers complain about legitimate emails being marked as actually fraudulent, I'm sure adoption rates will increase.