>Meanwhile, I'm still not proposing that we train users, or even >anti-spam software to "recognize" or "validate" mailing list addresses. >What I'm proposing is a way to send mail from a list with From: >@domain-of-list.tld so that it can pass DMARC/SPF/DKIM, and allow the >left side of the @ sign to identify the actual sender of the message. Yes, that's the 1980s percent hack. Do you really think it's a good idea to reinvent it to get around the defects of the FUSSP du jour? I agree that it's not plausible to train people to recognize mailing list addresses. But what you're proposing is to train people to be phished, by telling them that a rewritten address from something that looks sort of like a mailing list is equivalent to whatever the original address was. Given that DMARC is supposed to be an anti-phishing tool, this completely defeats the point. R's, John