It appears that Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> said: >The big benefit of moving to a separate infrastructure in which every >message is authenticated and subject to access control with a default deny >posture is we can leave the SMTP anti-spam heuristics behind. Well, for about 15 minutes until we are reminded the hard way that "authenticated" is not a synonym for "not spam". Spammers are if anything better at DMARC, DKIM, et al., than legit senders. The reason e-mail has remained useful and that we put so much effort into it is that it's still the only way for anyone to send a message to someone else on the Internet without a previous introduction. We know how to build walled gardens, and there's a reason mail isn't one. Also, as I have said a few times before, any walled garden big enough to be interesting is big enough to have people you don't want to hear from, even if the people are authenticated. The ur example is Facebook. R's, John