> The fact that an email doesn't DKIM verify should make it less likely to get into my inbox if the rest of the email I receive does verify.
Either you've gotten lucky or not as much e-mail verifies as you think. A lot of very legitimate e-mail is without DKIM, I'd say it's approx 50:50.
> Not only can Google require it, they already have done something similar with Chrome ratcheting warnings to force HTTPS on the web in just a few years.
They only have Gmail, not a near-monopoly of the e-mail market.
> Either you've gotten lucky or not as much e-mail verifies as you think. A lot of very legitimate e-mail is without DKIM, I'd say it's approx 50:50.
Personal communications come from users of legitimate email services with DKIM. Legitimate commercial email comes from mail servers with DKIM for deliverability. Theonly email I get that doesn't verify is spam. I doubt my experience is out of the ordinary for US users.
> They only have Gmail, not a near-monopoly of the e-mail market.
They have effectively similar dominance in email because nearly 100% of mail servers have to send to Gmail users, just as nearly 100% of web servers have to serve Chrome users.
> I doubt my experience is out of the ordinary for US users.
It's absolutely ordinary, but so is the opposite. Considering that DMARC is either-and, a lot of companies only employ SPF to reduce access and burden of updating DNS for DKIM keys for large amounts of senders.
Either you've gotten lucky or not as much e-mail verifies as you think. A lot of very legitimate e-mail is without DKIM, I'd say it's approx 50:50.
> Not only can Google require it, they already have done something similar with Chrome ratcheting warnings to force HTTPS on the web in just a few years.
They only have Gmail, not a near-monopoly of the e-mail market.